Blog

How to Fix the Japanese/Chinese SEO Spam Hack on WordPress Websites

Posted on by Ravi Thapa

If you have a WordPress website and you noticed that it has suddenly started displaying Chinese or Japanese characters in search engine results (SERP), you’ve likely been hit by the notorious Japanese/Chinese SEO Spam Hack. This type of malware injects spam pages into your website, modifying Google’s indexed content and often taking over your site’s titles, meta descriptions, and even favicons.

In this post, we’ll walk you through step-by-step solutions to clean your WordPress site, recover your SEO rankings and avoid getting into this trouble in future.

 

Step 1: Identify If Your Site is Hacked

Check for Spam in Search Results

  1. Open Google Search and type: site:yourwebsite.com
  2. Look for suspicious indexed pages with Japanese/Chinese characters in titles or meta descriptions.
  3. If spam pages appear, your site has been infected.

Scan Your Website for Malware

Use online tools to detect malicious code:

    Google Safe Browsing – Check for security issues:

https://transparencyreport.google.com/safe-browsing/search?url=yourwebsite.com

 

Step 2: Remove Malicious Files and Code

 

 

Manually Check WordPress Core Files

Hackers often hide malicious scripts in your WordPress files. To manually inspect:

  1. Login via FTP or cPanel File Manager

  2. Arrange your website in the order of ” last modified” and Check and delete suspicious files in:

    • /wp-content/themes/

    • /wp-content/plugins/

    • /wp-content/uploads/

    • /wp-includes/

  3. Look for files with random names like hiroshi.php or godsend.php and delete them.

Check .htaccess File for Redirects

 

Hackers modify the .htaccess file to redirect visitors to spam sites.

  1. Open public_html/.htaccess

  2. If you find strange redirect rules like:

    RewriteEngine On
RewriteCond %{REQUEST_URI} !^/wp-admin
RewriteRule .* https://spam-site.com [R=301,L]

  3. Remove the malicious code and save the file.

Check for Suspicious Admin Users

  1. Go to WordPress Dashboard → Users → All Users

  2. Look for unfamiliar admin accounts.

  3. If found, delete them immediately.

 

Step 3: Restore WordPress from a Clean Backup (If Available)

If you have a backup before the hack, restore it:

  1. Login to cPanel or hosting account.

  2. Navigate to Backup Wizard.

  3. Restore database and files from a clean version.

If no backup is available, then get a fresh copy of WordPress from here and replace everything on your website except the wp-content folder and wp-config.php, this will update all your core files while keeping all your data as it is.

 

Step 4: Secure Your WordPress Website

Update Everything

  • Update WordPress Core to the latest version.

  • Update Themes and Plugins.

  • Remove unused or suspicious plugins.

Change All Passwords

Reset credentials for:

  • WordPress Admin

  • FTP and cPanel

  • Database (phpMyAdmin)

Limit Admin Access

  • Disable file editing inside WordPress: open your wp-config.php file and include this code just above /* That’s all, stop editing! Happy blogging. */

    define('DISALLOW_FILE_EDIT', true);

  • Restrict login attempts using Limit Login Attempts Reloaded plugin.

  • Change the default wp-admin login URL using a plugin like WPS Hide Login.

Enable Two-Factor Authentication (2FA)

Use plugins like Google Authenticator 

 

Step 5: Remove Spam Pages from Google Index

Submit a Security Review in Google Search Console

  1. Go to Google Search Console → Security Issues.

  2. Click Request a Review after fixing the problem.

Remove Malicious Indexed URLs

  1. Go to Google Search Console → Removals.

  2. Click New Request.

  3. Enter spam URLs and submit for removal.

Request a Full Site Recrawl

  1. Submit your sitemap.xml in Search Console → Indexing → Sitemaps.

  2. Request Google to re-index the homepage using URL Inspection Tool.

  3. Ping Google to force re-crawling:

    https://www.google.com/ping?sitemap=https://yourwebsite.com/sitemap.xml

     

    Enable Security Monitoring

    • Use Cloudflare or Sucuri Firewall for DDoS protection.

    • Set up Google Alerts for new indexed pages:

      site:yourwebsite.com -yourdomain.com

    Backup Your Website Regularly

    • Use UpdraftPlus or Jetpack Backup for daily automatic backups.

    Perform Regular Security Audits

    • Run Wordfence scans weekly.

    • Check Google Search Console for new security alerts.

Final Thoughts

The Japanese/Chinese SEO Spam Hack is a serious threat that can damage your website’s reputation and SEO rankings. Following this step-by-step guide, you can successfully remove the malware, restore your rankings, and secure your WordPress site from future attacks.

🔹 Need Professional Help? If your website is still affected, consider hiring our security expert or contacting us for further assistance.

By securing your website today, you can prevent future hacks and maintain a strong online presence. 🚀

 

Ravi Thapa

Senior WordPress Developer and an avid SEO expert, Ravi has helped hundreds of businesses right here in Sydney and across Australia build their online presence. With over 10+ years experience in this industry, Ravi knows what it takes for SME's to succeed online.