When my site was hacked within RankMath…

  • …the hackers submitted tons of pages to the Google search results. There are over 1100+ crap/spam/malware pages still showing in Search Console.

    Is there any way YOU can get rid of them for me? I’ve tried submitting each one to get them de-indexed, and it seems to (sort of) work, but the pages remain in the index…

    I’ve heard there is a Chrome plug-in for this, but the payment system spooks me. You have to use your credit card.

    Anyway…it’s been a problem for several months. Google’s help says they’ll eventually go away after a few weeks, but they persist.

    Can you help?


    • This topic was modified 1 week, 3 days ago by David Victor.
Viewing 15 replies - 1 through 15 (of 15 total)
  • Hi David,

    Thanks for getting in touch with us.

    How are you assuming this was due to Rank Math?

    These type of issues usually occur due to the usage of outdated plugins and themes.

    You said it has been happening for a few months and most of these seem like they are on your sub-domains. Rank Math doesn’t have the authority to create subdomains so it is quite impossible that that is caused by Rank Math.

    With that said, you have to start by deleting these pages otherwise they will keep coming back.

    Here is a guide on how to clean up your website:

    and how to secure your web server: https://mythemeshop.com/blog/web-server-security/

    and secure your WordPress:

    It is essential that you always run updated versions of all the products you use on your website but it is even more essential to choose a good web host because in your case I think the hackers gained access via your web server. Otherwise, they would not have been able to create those sub-domains where malware pages can be found.

    Hope that helps.

    Not sure about the subdomain stuff, but certainly, it could have happened some other way. But outdated this-or-that, very unlikely, as I keep my sites very up-to-date, usually within 24 hours of an update. However, RankMath was hacked, as you guys know.

    As you can see if you dare click on any of those spammy links, those pages ARE indeed GONE. They all 404. They were deleted the second my site was cleaned. I actually had to hire a pro to clean/dehack my site.

    Nevertheless, the pages seem to remain in Google’s cache. I need a bulk way to remove them, and the ONLY Chrome extension I’ve found seems itself very suspect based on the way you’re supposed to pay for it.

    Any other thoughts based on my feedback here?

    Thank you.


    Well, I don’t think there is any tool able to remove them from Google cache, it is just matter of time since the URLs are removed but I understand how you feel waiting all that time.

    Maybe you could redirect all those URLs to the homepage or another page using 301 redirections, so Google if crawls them will see they are redirecting to another place and remove them.

    Looking forward to help you.

    Hi Alberto – So are you saying since they keep coming up as 404s on my site that Google is just going “Oh well, I’ll try again later”?

    Would it be better to specifically redirect all 404s to my home page..? At least, in this instance?

    Is there another code like a 308 that would indicate more strongly to Google to ignore this URL?

    Thanks for your help!


    Yes, that is what I mean. Imagine you have a site and for some reason, one day you had some error in your site and a page returns a 404 error when Google crawls it.

    If Google instantly removes it, it would be an error. So Google gives it several “opportunities”, just to see if you fix it.

    The best solution would be redirecting them to someplace (like the homepage) using the 301 redirection, since it means “Moved permanently to…”.

    Looking forward to help you.

    So, in other words, just set all 404 errors to 301 redirect to the home page, and set it through RankMath?


    You should not blindly redirect all 404s to the homepage.

    Do it for URLs that are relevant. Redirecting everything without any pattern is a poor user experience.

    Redirect what you can to the homepage and mark the rest as 410 (deleted).

    Hope that helps.

    …but that was kind of the point of my original post.

    How would I go about doing that for 1500 links? One-by-one would take forever.


    In your case you can select the URLs in 404 monitor and and redirect them in bulk.

    Hope that helps. If you have any further question(s), please let us know. Thank you.

    Thank you Michael.

    Would it not be most accurate to use a 410 or 451 instead of a 301?

    Using a 301 almost makes it sound like I previously authorized this content, now, not so much.

    Your thoughts?



    Thank you for the follow up.

    301 is normally used where you have another URL that can take the value of the URL being redirected. Where the destination URL have somewhat similar content to the redirect souce URL.

    410 can be used in a case lie yours. It sends a header with information that the page/URL has been completely deleted. This helps search engines to remove the URL from indexing as soon as they update the cache.

    451 is usually to do with legal situations. In a case where your site can be ordered to take down a page/URL.

    Hope that helps. If you have any further question(s), please let us know. Thank you.

    That does help, thank you, Michael.


    We are glad we could assist you.

    Do you wish to close this thread?

    If you have any further question(s), please let us know. Thank you.

    Yes, thanks again!


    We are super happy we could assist you.

    If you don’t mind me asking, could you please leave us a review (if you haven’t already) on https://wordpress.org/support/plugin/seo-by-rank-math/reviews/#new-post about your overall experience with Rank Math? We appreciate your time and patience.

    If you do have another question in the future, please feel free to create a new forum topic, and it will be our pleasure to assist you again.

    Thank you.

Viewing 15 replies - 1 through 15 (of 15 total)

The ticket ‘When my site was hacked within RankMath…’ is closed to new replies.