Error message

  • Warning: date_timezone_set() expects parameter 1 to be DateTime, boolean given in format_date() (line 2040 of /home1/moitozoc/drupals/drupal-7.33/includes/
  • Warning: date_format() expects parameter 1 to be DateTime, boolean given in format_date() (line 2050 of /home1/moitozoc/drupals/drupal-7.33/includes/
  • Warning: date_timezone_set() expects parameter 1 to be DateTime, boolean given in format_date() (line 2040 of /home1/moitozoc/drupals/drupal-7.33/includes/
  • Warning: date_format() expects parameter 1 to be DateTime, boolean given in format_date() (line 2050 of /home1/moitozoc/drupals/drupal-7.33/includes/
  • Warning: date_timezone_set() expects parameter 1 to be DateTime, boolean given in format_date() (line 2040 of /home1/moitozoc/drupals/drupal-7.33/includes/
  • Warning: date_format() expects parameter 1 to be DateTime, boolean given in format_date() (line 2050 of /home1/moitozoc/drupals/drupal-7.33/includes/
  • Warning: date_timezone_set() expects parameter 1 to be DateTime, boolean given in format_date() (line 2040 of /home1/moitozoc/drupals/drupal-7.33/includes/
  • Warning: date_format() expects parameter 1 to be DateTime, boolean given in format_date() (line 2050 of /home1/moitozoc/drupals/drupal-7.33/includes/
  • Warning: date_timezone_set() expects parameter 1 to be DateTime, boolean given in format_date() (line 2040 of /home1/moitozoc/drupals/drupal-7.33/includes/
  • Warning: date_format() expects parameter 1 to be DateTime, boolean given in format_date() (line 2050 of /home1/moitozoc/drupals/drupal-7.33/includes/


Updating Our Search Quality Rating Guidelines

Google Webmaster Central Blog - Thu, 2015-11-19 14:26

Developing algorithmic changes to search involves a process of experimentation. Part of that experimentation is having evaluators—people who assess the quality of Google’s search results—give us feedback on our experiments. Ratings from evaluators do not determine individual site rankings, but are used help us understand our experiments. The evaluators base their ratings on guidelines we give them; the guidelines reflect what Google thinks search users want.

In 2013, we published our human rating guidelines to provide transparency on how Google works and to help webmasters understand what Google looks for in web pages. Since that time, a lot has changed: notably, more people have smartphones than ever before and more searches are done on mobile devices today than on computers.

We often make changes to the guidelines as our understanding of what users wants evolves, but we haven’t shared an update publicly since then. However, we recently completed a major revision of our rater guidelines to adapt to this mobile world, recognizing that people use search differently when they carry internet-connected devices with them all the time. You can find that update here (PDF).

This is not the final version of our rater guidelines. The guidelines will continue to evolve as search, and how people use it, changes. We won’t be updating the public document with every change, but we will try to publish big changes to the guidelines periodically.

We expect our phones and other devices to do a lot, and we want Google to continue giving users the answers they're looking for—fast!

Posted by Mimi Underwood, Sr. Program Manager, Search Growth & Analysis
Categories: sysadmin

TC Summit 2015: Celebrating our Webmaster Top Contributors!

Google Webmaster Central Blog - Mon, 2015-11-09 06:06

Two weeks ago, we were extremely lucky to host the 2015 edition of the Top Contributor Summit (#TCsummit), in San Francisco and on Google’s campus in Mountain View, California.

Google Top Contributors are an exceptional group of passionate Google product enthusiasts who share their expertise across our international help forums to support millions of Google users every year. Google’s Top Contributor Summit is an event organised every two years, to celebrate these amazing users. This year we had the pleasure to welcome 526 Top Contributors, from all around the world.

Under the motto “Learn, Connect, Celebrate”, Top Contributors had the chance to learn more about our products, get insights on the future of Google, connect with Googlers and Top Contributors from various products and, finally, to celebrate their positive impact on our products and users.

Footage of the 2015 Top Contributor Summit

We also had the chance to hold Webmaster-specific sessions, which gave Googlers the unique opportunity to meet 56 of our Webmaster Top Contributors, representing 20 countries and speaking 14 different languages.

Group photo of the Webmaster Top Contributor community and the Google Webmaster Relations team

Throughout the day, we had in-depth sessions about Google Webmaster guidelines, Search Console and Google Search. We discussed the most common issues that users are bringing up in our international webmaster forums, and listened to the Top Contributors’ feedback regarding our Search tools. We also talked about the Top Contributor program itself and additional opportunities for our users to benefit from both Google and the TCs’ support. Product managers, engineers and search quality Googlers attended the sessions to listen and bring the feedback given by Top Contributors and users on the forum back to their teams.

Webmaster Top Contributors during the in-depth sessions about Google Webmaster guidelines, Search Console and Google Search

At Google, we are grateful to have the incredible opportunity to meet and connect with some of the most insightful members of the webmaster community and get their feedback on such important topics. It helps us be sure that Google keeps focusing on what really matters to webmasters, content creators, and users.

To learn more about our Top Contributor Program, or to give us your own feedback, visit our Top Contributor homepage or join our Webmaster help forum.

Diogo Botelho and Roberta Remigi, Webmaster Relations team
Categories: sysadmin

Detect and get rid of unwanted sneaky mobile redirects

Google Webmaster Central Blog - Thu, 2015-10-29 08:00

In many cases, it is OK to show slightly different content on different devices. For example, optimizing the smaller space of a smartphone screen can mean that some content, like images, will have to be modified. Or you might want to store your website’s menu in a navigation drawer (find documentation here) to make mobile browsing easier and more effective. When implemented properly, these user-centric modifications can be understood very well by Google.

The situation is similar when it comes to mobile-only redirect. Redirecting mobile users to improve their mobile experience (like redirecting mobile users from to is often beneficial to them. But redirecting mobile users sneakily to a different content is bad for user experience and is against Google’s webmaster guidelines.

A frustrating experience: The same URL shows up in search results pages on desktop and on mobile. When a user clicks on this result on their desktop computer, the URL opens normally. However, when clicking on the same result on a smartphone, a redirect happens and an unrelated URL loads.
Who implements these mobile-only sneaky redirects?

There are cases where webmasters knowingly decide to put into place redirection rules for their mobile users. This is typically a webmaster guidelines violation, and we do take manual action against it when it harms Google users’ experience (see last section of this article).   

But we’ve also observed situations where mobile-only sneaky redirects happen without site owners being aware of it:

  • Advertising schemes that redirect mobile users specifically
    A script/element installed to display ads and monetize content might be redirecting mobile users to a completely different site without the webmaster being aware of it.
  • Mobile redirect as a result of the site being a target of hacking
    In other cases, if your website has been hacked, a potential result can be redirects to spammy domains for mobile users only.
How do I detect if my site is doing sneaky mobile redirects?
  1. Check if you are redirected when you navigate to your site on your smartphone
    We recommend you to check the mobile user experience of your site by visiting your pages from Google search results with a smartphone. When debugging, mobile emulation in desktop browsers is handy, mostly because you can test for many different devices. You can, for example, do it straight from your browser in Chrome, Firefox or Safari (for the latter, make sure you have enabled the “Show Develop menu in menu bar” feature).
  1. Listen to your users
    Your users could see your site in a different way than you do. It’s always important to pay attention to user complaints, so you can hear of any issue related to mobile UX.
  2. Monitor your users in your site’s analytics data
    Unusual mobile user activity could be detected by looking at some of the data held in your website's analytics data. For example, looking at the average time spent on your site by your mobile users could be a good signal to watch: if all of a sudden, your mobile users (and only them) start spending much less time on your site than they used to, there might be an issue related to mobile redirections.

    To be aware of wide changes in mobile user activity as soon as they happen, you can for example set up Google Analytics alerts. For example, you can set an alert to be warned in case of a sharp drop in average time spent on your site by mobile users, or a drop in mobile users (always take into account that big changes in those metrics are not a clear, direct signal that your site is doing mobile sneaky redirects).
I’ve detected sneaky redirects for my mobile users, and I did not set it up: what do I do?
  1. Make sure that your site is not hacked.
    Check the Security Issues tool in the Search Console, if we have noticed any hack, you should get some information there.
    Review our additional resources on typical symptoms of hacked sites, and our case studies on hacked sites.
  2. Audit third-party scripts/elements on your site
    If your site is not hacked, then we recommend you take the time to investigate if third-party scripts/elements are causing the redirects. You can follow these steps:
    A. Remove one by one the third-party scripts/elements you do not control from the redirecting page(s).
    B. Check your site on a mobile device or through emulation between each script/element removal, and see when the redirect stops.
    C. If you think a particular script/element is responsible for the sneaky redirect, consider removing it from your site, and debugging the issue with the script/element provider.

Last Thoughts on Sneaky Mobile Redirects

It's a violation of the Google Webmaster Guidelines to redirect a user to a page with the intent of displaying content other than what was made available to the search engine crawler (more information on sneaky redirects). To ensure quality search results for our users, the Google Search Quality team can take action on such sites, including removal of URLs from our index.  When we take manual action, we send a message to the site owner via Search Console. Therefore, make sure you’ve set up a Search Console account.

Be sure to choose advertisers who are transparent on how they handle user traffic, to avoid unknowingly redirecting your own users. If you are interested in trust-building in the online advertising space, you may check out industry-wide best practices when participating in ad networks. For example, the Trustworthy Accountability Group’s (Interactive Advertising Bureau) Inventory Quality Guidelines are a good place to start. There are many ways to monetize your content with mobile solutions that provide a high quality user experience, be sure to use them.

If you have questions or comments about mobile-only redirects, join us in our Google Webmaster Support forum.

Written by Vincent Courson & Badr Salmi El Idrissi, Search Quality team
Categories: sysadmin

Deprecating our AJAX crawling scheme

Google Webmaster Central Blog - Wed, 2015-10-14 14:38

tl;dr: We are no longer recommending the AJAX crawling proposal we made back in 2009.

In 2009, we made a proposal to make AJAX pages crawlable. Back then, our systems were not able to render and understand pages that use JavaScript to present content to users. Because "crawlers … [were] not able to see any content … created dynamically," we proposed a set of practices that webmasters can follow in order to ensure that their AJAX-based applications are indexed by search engines.

Times have changed. Today, as long as you're not blocking Googlebot from crawling your JavaScript or CSS files, we are generally able to render and understand your web pages like modern browsers. To reflect this improvement, we recently updated our technical Webmaster Guidelines to recommend against disallowing Googlebot from crawling your site's CSS or JS files.

Since the assumptions for our 2009 proposal are no longer valid, we recommend following the principles of progressive enhancement. For example, you can use the History API pushState() to ensure accessibility for a wider range of browsers (and our systems).

Questions and answers

Q: My site currently follows your recommendation and supports _escaped_fragment_. Would my site stop getting indexed now that you've deprecated your recommendation?
A: No, the site would still be indexed. In general, however, we recommend you implement industry best practices when you're making the next update for your site. Instead of the _escaped_fragment_ URLs, we'll generally crawl, render, and index the #! URLs.

Q: Is moving away from the AJAX crawling proposal to industry best practices considered a site move? Do I need to implement redirects?
A: If your current setup is working fine, you should not have to immediately change anything. If you're building a new site or restructuring an already existing site, simply avoid introducing _escaped_fragment_ urls. .

Q: I use a JavaScript framework and my webserver serves a pre-rendered page. Is that still ok?
A: In general, websites shouldn't pre-render pages only for Google -- we expect that you might pre-render pages for performance benefits for users and that you would follow progressive enhancement guidelines. If you pre-render pages, make sure that the content served to Googlebot matches the user's experience, both how it looks and how it interacts. Serving Googlebot different content than a normal user would see is considered cloaking, and would be against our Webmaster Guidelines.

If you have any questions, feel free to post them here, or in the webmaster help forum.

Posted by , Search Quality Analyst
Categories: sysadmin

An update on how we tackle hacked spam

Google Webmaster Central Blog - Tue, 2015-10-06 02:32

Recently we have started rolling out a series of algorithmic changes that aim to tackle hacked spam in our search results. A huge amount of legitimate sites are hacked by spammers and used to engage in abusive behavior, such as malware download, promotion of traffic to low quality sites, porn, and marketing of counterfeit goods or illegal pharmaceutical drugs, etc.

Website owners that don’t implement standard best practices for security can leave their websites vulnerable to being easily hacked. This can include government sites, universities, small business, company websites, restaurants, hobby organizations, conferences, etc. Spammers and cyber-criminals purposely seek out those sites and inject pages with malicious content in an attempt to gain rank and traffic in search engines.

We are aggressively targeting hacked spam in order to protect users and webmasters.

The algorithmic changes will eventually impact roughly 5% of queries, depending on the language. As we roll out the new algorithms, users might notice that for certain queries, only the most relevant results are shown, reducing the number of results shown:

This is due to the large amount of hacked spam being removed, and should improve in the near future. We are continuing tuning our systems to weed out the bad content while retaining the organic, legitimate results. If you have any questions about these changes, or want to give us feedback on these algorithms, feel free to drop by our Webmaster Help Forums.

Posted by Ning Song, Software Engineer

Categories: sysadmin

First Click Free update

Google Webmaster Central Blog - Tue, 2015-09-29 05:55

Around ten years ago when we introduced a policy called “First Click Free,” it was hard to imagine that the always-on, multi-screen, multiple device world we now live in would change content consumption so much and so fast. The spirit of the First Click Free effort was - and still is - to help users get access to high quality news with a minimum of effort, while also ensuring that publishers with a paid subscription model get discovered in Google Search and via Google News.

In 2009, we updated the FCF policy to allow a limit of five articles per day, in order to protect publishers who felt some users were abusing the spirit of this policy. Recently we have heard from publishers about the need to revisit these policies to reflect the mobile, multiple device world. Today we are announcing a change to the FCF limit to allow a limit of three articles a day. This change will be valid on both Google Search and Google News.

Google wants to play its part in connecting users to quality news and in connecting publishers to users. We believe the FCF is important in helping achieve that goal, and we will periodically review and update these policies as needed so they continue to benefit users and publishers alike. We are listening and always welcome feedback.

Questions and answers about First Click Free

Q: Do the rest of the old guidelines still apply?
A: Yes, please check the guidelines for Google News as well as the guidelines for Web Search and the associated blog post for more information.

Q: Can I apply First Click Free to only a section of my site / only for Google News (or only for Web Search)?
A: Sure! Just make sure that both Googlebot and users from the appropriate search results can view the content as required. Keep in mind that showing Googlebot the full content of a page while showing users a registration page would be considered cloaking.

Q: Do I have to sign up to use First Click Free?
A: Please let us know about your decision to use First Click Free if you are using it for Google News. There's no need to inform us of the First Click Free status for Google Web Search.

Q: What is the preferred way to count a user's accesses?
A: Since there are many different site architectures, we believe it's best to leave this up to the publisher to decide.

(Please see our related blog post for more information on First Click Free for Google News.)

Posted by John Mueller, Google Switzerland
Categories: sysadmin

Drive app installs through App Indexing

Google Webmaster Central Blog - Fri, 2015-09-25 13:36
You’ve invested time and effort into making your app an awesome experience, and we want to help people find the great content you’ve created. App Indexing has already been helping people engage with your Android app after they’ve installed it — we now have 30 billion links within apps indexed. Starting this week, people searching on Google can also discover your app if they haven’t installed it yet. If you’ve implemented App Indexing, when indexed content from your app is relevant to a search done on Google on Android devices, people may start to see app install buttons for your app in search results. Tapping these buttons will take them to the Google Play store where they can install your app, then continue straight on to the right content within it.

With the addition of these install links, we are starting to use App Indexing as a ranking signal for all users on Android, regardless of whether they have your app installed or not. We hope that Search will now help you acquire new users, as well as re-engage your existing ones. To get started, visit and to learn more about the other ways you can integrate with Google Search, visit

Posted by Lawrence Chang, Product Manager
Categories: sysadmin

FAQs about the April 21st mobile-friendly update

Google Webmaster Central Blog - Wed, 2015-09-23 19:41
We’d like to share answers to your frequently asked questions. For background, in February, we announced that the mobile-friendly update will boost the rankings of mobile-friendly pages -- pages that are legible and usable on mobile devices -- in mobile search results worldwide. (Conversely, pages designed for only large screens may see a significant decrease in rankings in mobile search results.) To get us all on the same page, here are the most frequently asked questions:

General FAQs
1. Will desktop and/or tablet ranking also be affected by this change?

No, this update has no effect on searches from tablets or desktops. It affects searches from mobile devices across all languages and locations.

2. Is it a page-level or site-level mobile ranking boost? 

It’s a page-level change. For instance, if ten of your site’s pages are mobile-friendly, but the rest of your pages aren’t, only the ten mobile-friendly pages can be positively impacted.

3. How do I know if Google thinks a page on my site is mobile-friendly?

Individual pages can be tested for “mobile-friendliness” using the Mobile-Friendly Test.

Test individual URLs in real-time with the Mobile-Friendly Test.
To review site-level information on mobile-friendliness, check out the Mobile Usability report in Webmaster Tools. This feature’s data is based on the last time we crawled and indexed your site’s pages.
Mobile Usability in Webmaster Tools provides a snapshot of your entire site’s mobile-friendliness.

4. Unfortunately, my mobile-friendly pages won’t be ready until after April 21st. How long before they can be considered mobile-friendly in ranking?
We determine whether a page is mobile-friendly every time it’s crawled and indexed -- you don’t have to wait for another update. Once a page is mobile-friendly, you can wait for Googlebot for smartphones to naturally (re-)crawl and index the page or you can expedite processing by using Fetch as Google with Submit to Index in Webmaster Tools. For a large volume of URLs, consider submitting a sitemap. In the sitemap, if your mobile content uses pre-existing URLs (such as with Responsive Web Design or dynamic serving), also include the lastmod tag.

5. Since the mobile ranking change rolls out on April 21st, if I see no drop in traffic on April 22nd, does that mean that my site’s rankings aren't impacted?
You won't be able to definitively determine whether your site’s rankings are impacted by the mobile-friendly update by April 22nd. While we begin rolling out the mobile-friendly update on April 21st, it’ll be a week or so before it makes its way to all pages in the index. 

6. I have a great mobile site, but the Mobile-Friendly Test tells me that my pages aren't mobile-friendly. Why?
If a page is designed to work well on mobile devices, but it’s not passing the Mobile-Friendly Test, the most common reason is that Googlebot for smartphones is blocked from crawling resources, like CSS and JavaScript, that are critical for determining whether the page is legible and usable on a mobile device (i.e., whether it’s mobile-friendly). To remedy:
  1. Check if the Mobile-Friendly Test shows blocked resources (often accompanied with a partially rendered image).
  2. Allow Googlebot to crawl the necessary files.
  3. Double-check that your page passes the Mobile-Friendly Test.
  4. Use Fetch as Google with Submit to Index and submit your updated robots.txt to Google to expedite the re-processing of the updated page (or just wait for Google to naturally re-crawl and index).
The most common reason why a mobile page fails the Mobile-Friendly Test is that Googlebot for smartphones is blocked from crawling resources, like CSS and JavaScript, that are crucial for understanding the page’s mobile-friendliness. 

To reiterate, we recommend that site owners allow Googlebot to crawl all resources for a page (including CSS, JavaScript, and images), so that we can properly render, index, and in this case, assess whether the page is mobile-friendly.

7. What if I link to a site that’s not mobile-friendly?
Your page can still be “mobile-friendly” even if it links to a page that’s not mobile-friendly, such as a page designed for larger screens, like desktops. It’s not the best experience for mobile visitors to go from a mobile-friendly page to a desktop-only page, but hopefully as more sites become mobile-friendly, this will become less of a problem.

8. Does Google give a stronger mobile-friendly ranking to pages using Responsive Web Design (which uses the same URL and the same HTML for the desktop and mobile versions) vs. hosting a separate mobile site (like www for desktop and for mobile)?
No, mobile-friendliness is assessed the same, whether you use responsive web design (RWD), separate mobile URLs, or dynamic serving for your configuration. If your site uses separate mobile URLs or dynamic serving, we recommend reviewing the Mobile SEO guide to make sure Google is properly crawling and indexing your mobile pages.

9. Will my site / page disappear on mobile search results if it's not mobile-friendly?
While the mobile-friendly change is important, we still use a variety of signals to rank search results. The intent of the search query is still a very strong signal -- so even if a page with high quality content is not mobile-friendly, it could still rank high if it has great content for the query.

Specialized FAQs
10. What if my audience is desktop only? Then there’s no reason to have a mobile site, right?
Not exactly. Statistics show that more people are going “mobile only” -- either because they never had a desktop or because they won’t replace their existing desktop. Additionally, a non-mobile-friendly site may not see many mobile visitors precisely for that reason. 
The mobile-friendly update will apply to mobile searches conducted across all sites, regardless of the site’s target audiences’ language, region, or proportion of mobile to desktop traffic.

11. I have pages showing mobile usability errors because they embed a YouTube video. What can I do?
We suggest paying close attention to how the YouTube video is embedded. If you are using the “old-style” <object> embeds in the mobile page, convert to <iframe> embeds for broader compatibility. YouTube now uses the HTML5 player on the web by default, so it’s mobile-friendly to embed videos using the <iframe> tags from the “share” feature on the watch page or from the YouTube iFrame API. If you have a more complex integration, that should also be mobile-friendly, since it’ll instruct the device to use the device’s native support. 
For Flash content from sites other than YouTube, check if there is an equivalent HTML5 embed tag or code snippet to avoid using proprietary plugins.

12. Is there a clear standard for sizing tap targets?
Yes, we suggest a minimum of 7mm width/height for primary tap targets and a minimum margin of 5mm between secondary tap targets. The average width of an adult's finger pad is 10mm, and these dimensions can provide a usable interface while making good use of screen real estate.

13. To become mobile-friendly quickly, we’re thinking of creating a very stripped down version of our site (separate mobile pages) until our new responsive site is complete. Do you foresee any problems with this?
First, keep in mind that we support three mobile configurations and that your website doesn't have to be responsive to be mobile-friendly. In response to your question, please be cautious about creating a “stripped down” version of your site. While the page may be formatted for mobile, if it doesn’t allow your visitors to easily complete their common tasks or have an overall smooth workflow, it may become frustrating to your visitors and perhaps not worth the effort. Should a temporary mobile site be created, once the RWD is live, be sure to move the site properly. For example, update all links so they no longer reference the separate mobile URLs and 301 redirect mobile URLs to their corresponding RWD version.
If you’re totally new to building a mobile-friendly site, it’s not too late! Check out our Getting Started guide in the Mobile-Friendly Websites documentation.
Get started on your mobile site at

If you already have a mobile site, investigate the Mobile Usability report in Webmaster Tools to make sure that Google detects your site’s pages as mobile-friendly. 
Still more questions? Please ask below or check out the Mobile Websites section of the Webmaster Forum

Written by Maile Ohye, Developer Programs Tech Lead.
Categories: sysadmin

Helping hacked sites with reconsideration requests

Google Webmaster Central Blog - Wed, 2015-09-23 08:36

Thus far in 2015 we have seen a 180% increase in the number of sites getting hacked and a 300% increase in hacked site reconsideration requests. While we are working hard to help webmasters prevent hacks in the first place through efforts such as blog posts and #NoHacked campaigns, we recognize that our reconsideration process is an important part of making recovering from a hack faster and easier. Here's what we've been focussing on:

1) Improved communication
2) Better tools
3) Continuous feedback loop

1. Improving communications with webmasters of hacked sites

Last year we launched the "Note from your reviewer" feature in our reconsideration process. This feature enables us to give specific examples and advice tailored to each case in response to a reconsideration request. Thus far in 2015 we have sent a customized note to over 70% of webmasters whose hacked reconsideration request was rejected, with specific guidance on where and how to find the remaining hacked content. The results have been encouraging, as we've seen a 29% decrease in the average amount of time from when a site receives a hacked manual action to the time when the webmaster cleans up and the manual action is removed.

Example "note from your reviewer" with detailed guidance and a custom example of hacked text and a hacked page

We have also completed our second #NoHacked campaign, with more detailed help on preventing and recovering from hacks. In the campaign, we focused on ways to improve the security on your site as well as ways to fix your site if it was compromised. You can catch up by reading the first post.

2. Better tools including auto-removal of some hacked manual actions

Last year we launched the "Fetch and Render" feature to the Fetch as Google tool, which allows you to see the website exactly as Googlebot sees it. This functionality is useful in recovering from a hack, since many hackers inject cloaked content that's not visible to the normal user but obvious to search engine crawlers like Googlebot.

This year we also launched the Hacked Sites Troubleshooter in 23 languages which guides webmasters through some basic steps to recover from a hack. Let us know if you have found the troubleshooter useful as we're continuing to expand its features and impact.

Finally, we're beta testing the automated removal of some hacked manual actions. In Search Console if Google sees a "Hacked site" manual action under "Partial matches", and our systems detect that the hacked content is no longer present, in some cases we will automatically remove that manual action. We still recommend that you submit a reconsideration request if you see any manual actions, but don't be surprised if a "Hacked site" manual action disappears and saves you the trouble!

Example of a Hacked site manual action on a Partial match: if our systems detect that the hacked content is no longer present, in some cases we will automatically remove the manual action

3. Soliciting your feedback and taking action

Our improved communication and tools have come directly from feedback we've collected from webmasters of sites that have been hacked. For example, earlier this year we hosted webmasters who have been through the hacked reconsideration process in both Mountain View, USA and Dublin, Ireland for brainstorming sessions. We also randomly sampled webmasters that had been through a hacked reconsideration. We found that while only 15% of webmasters were dissatisfied with the process, the main challenges those webmasters faced were in clearer notification of their site being hacked and clearer guidance on how to resolve the hack. This feedback contributed directly our more detailed blog post on hacked recovery, and to much of the content in our latest #NoHacked campaign.

(for hi-res version)  

Googlers in Dublin brainstorming ways to improve the hacked reconsideration process after meeting with local webmasters

We will continue to support webmasters of hacked sites through the methods detailed above, in addition to the Webmasters help for hacked sites portal and the security, malware & hacked sites section of our forum. And we'd love to hear your ideas in the comments below on how Google can better support webmasters recovering from a hacked website!

Posted by Josh Feira and Yuan Niu, Search Quality Team
Categories: sysadmin

Repeated violations of Webmaster Guidelines

Google Webmaster Central Blog - Fri, 2015-09-18 04:09

In order to protect the quality of our search results, we take automated and manual actions against sites that violate our Webmaster Guidelines. When your site has a manual action taken, you can confirm in the [Manual Actions] page in Search Console which part of your site the action was taken and why. After fixing the site, you can send a reconsideration request to Google. Many webmasters are getting their manual action revoked by going through the process.

However, some sites violate the Webmaster Guidelines repeatedly after successfully going through the reconsideration process. For example, a webmaster who received a Manual Action notification based on an unnatural link to another site may nofollow the link, submit a reconsideration request, then, after successfully being reconsidered, delete the nofollow for the link. Such repeated violations may make a successful reconsideration process more difficult to achieve. Especially when the repeated violation is done with a clear intention to spam, further action may be taken on the site.

In order to avoid such situations, we recommend that webmasters avoid violating our Webmaster Guidelines, let alone repeating it. We, the Search Quality Team, will continue to protect users by removing spam from our search results.

Posted by Google Search Quality Team
Categories: sysadmin

Mobile-friendly web pages using app banners

Google Webmaster Central Blog - Tue, 2015-09-01 12:53

When it comes to search on mobile devices, users should get the most relevant answers, no matter if the answer lives in an app or a web page. We’ve recently made it easier for users to find and discover apps and mobile-friendly web pages. However, sometimes a user may tap on a search result on a mobile device and see an app install interstitial that hides a significant amount of content and prompts the user to install an app. Our analysis shows that it is not a good search experience and can be frustrating for users because they are expecting to see the content of the web page.

Starting today, we’ll be updating the Mobile-Friendly Test to indicate that sites should avoid showing app install interstitials that hide a significant amount of content on the transition from the search result page. The Mobile Usability report in Search Console will show webmasters the number of pages across their site that have this issue.

After November 1, mobile web pages that show an app install interstitial that hides a significant amount of content on the transition from the search result page will no longer be considered mobile-friendly. This does not affect other types of interstitials. As an alternative to app install interstitials, browsers provide ways to promote an app that are more user-friendly.

App install interstitials that hide a significant amount of content provide a bad search experience

App install banners are less intrusive and preferred

App install banners are supported by Safari (as Smart Banners) and Chrome (as Native App Install Banners). Banners provide a consistent user interface for promoting an app and provide the user with the ability to control their browsing experience. Webmasters can also use their own implementations of app install banners as long as they don’t block searchers from viewing the page’s content.

If you have any questions, we’re always happy to chat in the Webmaster Central Forum.

Posted by Daniel Bathgate, Software Engineer, Google Search.

Categories: sysadmin

An update on CSV download scripts

Google Webmaster Central Blog - Mon, 2015-08-31 09:09

With the new Search Analytics API, it's now time to gradually say goodbye to the old CSV download scripts for information on queries & rankings. We'll be turning off access to these downloads on October 20, 2015.

These download scripts have helped various sites & tools to get information on queries, impressions, clicks, and rankings over the years. However, they didn't use the new Search Analytics data, and relied on the deprecated Client Login API.

Farewell, CSV downloads, you've served us (and many webmasters!) well, but it's time to move on. We're already seeing lots of usage with the new API. Are you already doing something neat with the API? Let us know in the comments!

Posted by John Mueller, Webmaster Trends (and query, impression, & click trends) Analyst
Categories: sysadmin

#NoHacked: Fixing the Injected Gibberish URL Hack

Google Webmaster Central Blog - Mon, 2015-08-24 12:56
Today in our #NoHacked campaign, we’ll be discussing how to fix the injected gibberish URL hack we wrote about last week. Even if your site is not infected with this specific type of hack, many of these steps can be helpful for fixing other types of hacks. Follow along with discussions on Twitter and Google+ using the #NoHacked tag. (Part 1, Part 2, Part 3, Part 4)

Temporarily Take your Site Offline

Taking your site offline temporarily will prevent your site’s visitors from going to hacked pages and give you time to properly fix your site. If you keep your site online, you run the risk of getting compromised again as you clean up your site.

Treating your Site

The next few steps require you to be comfortable making technical changes to your site. If you aren’t familiar or comfortable enough with your site to make these changes, it might be best to consult with or hire someone who is. However, reading through these steps will still be helpful.

Before you start fixing your site, we advise that you back up your site. (This backed up version will still contain hacked content and should only be used if you accidentally remove a critical file.) If you’re unsure how to back up your site, ask your hosting provider for assistance or consult your content management system (CMS) documentation. As you work through the steps, any time you remove a file, make sure to keep a copy of the file as well.

Checking your .htaccess file

In order to manipulate your site, this type of hack creates or alters the contents of your .htaccess file. If you’re not sure where to find your .htaccess file, consult your server or CMS documentation.

Check the contents of your .htaccess file for any suspicious content. If you’re not sure how to interpret the contents of the .htaccess file, you can read about it on the documentation, ask in a help forum, or you can consult an expert. Here is an example of a .htaccess modified by this hack:

  • <IfModule mod_rewrite.c> 
  •   RewriteEngine On  
  •   #Visitors that visit your site from Google will be redirected  
  •   RewriteCond %{HTTP_REFERER} google\.com 
  •   #Visitors are redirected to a malicious PHP file called happypuppy.php 
  •   RewriteRule (.*pf.*) /happypuppy.php?q=$1 [L] 
  • </IfModule>

Identifying other malicious files

The most common types of files that are modified or injected by this hack are JavaScript and PHP files. Hackers typically take two approaches: The first is to insert new PHP or JavaScript files on your server. The inserted files can sometimes be named something very similar to a legitimate file on your site like wp-cache.php versus the legitimate file wp_cache.php. The second approach is to alter legitimate files on your server and insert malicious content into these files. For example, if you have a template or plugin JavaScript file on your site, hackers might add malicious JavaScript to the file.

For example, on a malicious file named happypuppy.php, identified earlier in the .htaccess file, was injected into a folder on the site. However, the hackers also corrupted a legitimate JavaScript file called json2.js by adding malicious code to the file. Here is an example of a corrupted json2.js file. The malicious code is highlighted in red and has been added to the very bottom of the json2.js file:

To effectively track down malicious files, you’ll need to understand the function of the JavaScript and PHP files on your site. You might need to consult your CMS documentation to help you. Once you know what the files do, you should have an easier time tracking down malicious files that don’t belong on your site.

Also, check your site for any recently modified files. Template files that have been modified recently should be thoroughly investigated. Tools that can help you interpret obfuscated PHP files can be found in the Appendix.

Removing malicious content

As mentioned previously, back up the contents of your site appropriately before you remove or alter any files. If you regularly make backups for your site, cleaning up your site might be as easy as restoring a clean backed-up version.

However, if you do not regularly back up your site, you have a few alternatives. First, delete any malicious files that have been inserted on your site. For example, on, you would delete the happypuppy.php file. For corrupted PHP or JavaScript files like json2.js, you’ll have to upload a clean version of those files to your site. If you use a CMS, consider reloading a fresh copy of the core CMS and plugin files on your site.

Identifying and Fixing the Vulnerability

Once you’ve removed the malicious file, you’ll want to track down and fix the vulnerability that allowed your site to be compromised, or you risk your site being hacked again. The vulnerability could be anything from a stolen password to outdated web software. Consult Google Webmaster Hacked Help for ways to identify and fix the vulnerability. If you’re unable to figure out how your site was compromised, you should change your passwords for all your login credentials,update all your web software, and seriously consider getting more help to make sure everything is ok.

Next Steps

Once you’re done cleaning your site, use the Fetch as Google tool to check if the hacked pages still appear to Google. Don’t forget to check your home page for hacked content as well. If the hacked content is gone, then, congratulations, your site should be clean! If the Fetch as Google tool is still seeing hacked content on those hacked pages, you still have work to do. Check again for any malicious PHP or JavaScript files you might have missed.

Bring your site back online as soon as you’re sure your site is clean and the vulnerability has been fixed. If there was a manual action on your site, you’ll want to file a reconsideration request in Search Console. Also, think about ways to protect your site from future attacks. You can read more about how to secure your site from future attacks in the Google Hacked Webmaster Help Center.

We hope this post has helped you gain a better understanding of how to fix your site from the injected gibberish URL hack. Be sure to follow our social campaigns and share any tips or tricks you might have about staying safe on the web with the #nohacked hashtag.

If you have any additional questions, you can post in the Webmaster Help Forums where a community of webmasters can help answer your questions. You can also join our Hangout on Air about Security on August 26.


These are tools that may be useful. Google doesn't run or support them.

PHP Decoder, UnPHP: Hackers will often distort PHP files to make them harder to read. Use these tools to clean up the PHP files so you understand better what the PHP file is doing.

Posted by: Eric Kuan, Webmaster Relations Specialist & Yuan Niu, Webspam Analyst
Categories: sysadmin

#NoHacked: Identifying and Diagnosing Injected Gibberish URL Hacking

Google Webmaster Central Blog - Mon, 2015-08-17 13:08
Today in our #NoHacked campaign, we’ll be discussing how to identify and diagnose a trending hack. Even if your site is not infected with this specific type of hack, many of these steps can be helpful for other types of hacks. Next week, we’ll be following up with a post about fixing this hack. Follow along with discussions on Twitter and Google+ using the #NoHacked tag. (Part 1, Part 2, Part 3)

Identifying Symptoms
Gibberish pages
The hallmark of this type of hacking is spammy pages that appear to be added to the site. These pages contain keyword-rich gibberish text, links, and images in order to manipulate search engines. For example, the hack creates pages like which contain gibberish content like below:

This hack often uses cloaking to avoid webmasters from detecting it. Cloaking refers to the practice of presenting different content or URLs to webmasters, visitors, and search engines. For example, the webmaster of the site might be shown an empty or HTTP 404 page which would lead the webmaster to believe the hack is no longer present. However, users who visit the page from search results will still be redirected to spammy pages, and search engines that crawl the site will still be presented with gibberish content.

Monitoring your Site
Properly monitoring your site for hacking allows you to remedy the hack more quickly and minimize damage the hack might cause. There are several ways you can monitor your site for this particular hack.

Looking for a surge in website traffic

Because this hack creates many keyword heavy URLs that are crawled by search engines, check to see if there was any recent, unexpected surges in traffic. If you do see a surge, use the Search Analytics tool in Search Console to investigate whether or not hacked pages are the source of the unusual website traffic.

Tracking your site appearance in search results

Periodically checking how your site appears in search results is good practice for all webmasters. It also allows you to spot symptoms of hacking. You can check your site in Google by using the site: operator on your site (i.e. search for If you see any gibberish links associated with your site or a label that says “This site may be hacked.”, your site might have been compromised. 

Signing up for alerts from Google

We recommend you sign up for Search Console. In Search Console, you can check if Google has detected any hacked pages on your site by looking in the Manual Actions Viewer or Security Issues report. Search Console will also message you if Google has detected any hacked pages on your site.

Also, we recommend you set up Google Alerts for your site. Google Alerts will email you if Google finds new results for a search query. For example, you can set up a Google Alert for your site in conjunction with common spammy terms like [ cheap software]. If you receive an email that Google has returned a new query for that term, you should immediately check what pages on your site are triggering that alert.

Diagnosing your Site
Gathering tools that can help

In Search Console, you have access to the Fetch as Google tool in Search Console. The Fetch as Google tool allows you to see a page as Google sees it. This will help you to identify cloaked hacked pages. Additional tools from others, both paid and free, are listed in the appendix to this post.

Checking for hacked pages

If you’re not sure if there is hacked content on your site, the Google Hacked Troubleshooter can walk you through some basic checks. For this type of hack, you’ll want to perform a site: search on your site. Look for suspicious pages and URLs loaded with strange keywords in the search results. If you have a large number of pages on your site, you might need to try a more targeted query. Find common spam terms and append them to your site: search query like [ cheap software]. Try this with several spammy terms to see if any results show up.

Checking for cloaking on hacked pages

Because this type of hacking employs cloaking to prevent accurate detection, it’s very important that you use the Fetch as Google tool in Search Console to check the spammy pages you found in the previous step. Remember, cloaked pages can show you an HTTP 404 page that tricks you into thinking the hack is fixed even if the page is still live. You should also use Fetch as Google on your homepage as well. This type of hack often adds text or links to the homepage.

We hope this post has given you a better idea of how to identify and diagnose hacks that inject gibberish URLs on your site. Tune in next week where we’ll be explaining how to remove this hack from your site. Be sure to follow our social campaigns and share any tips or tricks you might have about staying safe on the web with the #NoHacked hashtag.

If you have any additional questions, you can post in the Webmaster Help Forums where a community of webmasters can help answer your questions. You can also join our Hangout on Air about Security on August 26.

These are tools that scan your site and may be able to find problematic content. Other than VirusTotal, Google doesn't run or support them.

Virus Total,, Sucuri Site Check, Wepawet: These are tools that may be able to scan your site for problematic content. Keep in mind that these scanners can’t guarantee that they will identify every type of problematic content.

Posted by Eric Kuan, Webmaster Relations Specialist & Yuan Niu, Webspam Analyst
Categories: sysadmin

#NoHacked: Using two-factor authentication to protect your site

Google Webmaster Central Blog - Mon, 2015-08-10 12:53
Today in our #nohacked campaign, we’ll be talking about two-factor authentication. Follow along with discussions on Twitter and Google+ using the #NoHacked tag. (Part 1, Part 2)
There was once a time when having a relatively strong password or answering a security question was a reasonable way to protect your online accounts. However, according to a study from Stop Badware, stolen credentials is a common way for hackers to compromise websites. Additionally, even reputable sites can fall victim to hacking, potentially exposing your personal data like passwords to attackers.

Fortunately, two-factor authentication can help you keep your accounts safer. Two-factor authentication relies on an additional source of verification, in conjunction with your password, to access your account. You might have used two-factor authentication before if you have ever been prompted for a code from your phone when logging into a social media site or from a chip card reader when logging into a bank account. Two-factor authentication makes it more difficult for someone to log into your account even if they have stolen your password.

As a website owner, you should enable two-factor authentication on your accounts where possible. A compromised account can cause you to lose important personal data and valuable reputation for your site. Two-factor authentication can give you the ease of mind that your accounts and data are safer. 

Google currently offers 2-Step Verification for all of its accounts, including accounts from Google Apps domains. You can use your phone, a hardware token like a Security Key, or the Google Authenticator app to verify your account. These options give you flexibility when traveling or when you don’t have access to the mobile network.

If your hosting provider, Content Management System (CMS), or any type of platform you use for managing your site doesn’t offer two-factor authentication, ask their customer support for an option to use two-factor authentication in the future.They can build two-factor authentication into their own platforms using Google’s open source code. If your platform or hoster doesn’t provide strong protection against unauthorized access consider hosting your content elsewhere. You can see a list of websites that support two-factor authentication, including what types of authentication options they offer, at

If you have any additional questions, you can post in the Webmaster Help Forums where a community of webmasters can help answer your questions. You can also join our Hangout on Air about Security on August 26.

Posted by: Eric Kuan, Webmaster Relations Specialist & Yuan Niu, Webspam Analyst
Categories: sysadmin