911 Hack Removal

PHP Japanese Keyword Hack & Pharma/Viagra Hack

Updated on: December 1, 2021

PHP Japanese Keyword Hack & Pharma/Viagra Hack

More than 51% of hacked websites contain SEO spam. Clearly, SEO spam attacks are a very common form of attack. SEO Spam can be of different kinds, one of the most pervasive ones include – the PHP Japanese keyword hack. Do you see strange Japanese words spread throughout your website? If yes, then your website has been a victim of PHP keyword hack, also known as, PHP Japanese Keyword hack.

php keyword hack
Example of a PHP keyword hack

In a PHP keyword hack, auto-generated gibberish texts start appearing on pages all over our website. Attackers register themselves as owners of these texts and hijack search engine results. These pages also often contain links to websites selling fake merchandise. This shows how attackers monetize from the insertion of these illicit and malicious links. A PHP Japanese keyword hack, pages start appearing with arbitrary Japanese titles and descriptions in search engine results. Such types of SEO attacks are also known as “Japanese SEO spam” or “Japanese symbol hack”.

How does this PHP keyword hack affect my website?

Cyber-attacks can cause short term effects as well as long term effects on a website. Cases like an SEO spam hack or SEO poisoning leave behind a trail of destruction that might be very difficult to rectify. In these cases, even after you have removed the malware and cleaned the malicious links, it is almost impossible to restore your SERPs and Google ranking back to what they were before the hack instantly. Which is why PHP keyword hacks are all the more detrimental.

Not to forget that a lot of effort goes into creating a website and building its reputation. A website’s branding is often the first casualty of a PHP Japanese keyword hack.

In fact, while investigating PHP keyword hack on one of our client’s website, we found that there was a sharp decline in visitors right after the website was hacked. Metrics such as total clicks, impressions, and even average CTR and position saw a decline during the time the website was hacked. Also, since SEO of the website took a hit, it left a lasting impact.

Accurate, fast & machine learning powered website malware scanner now at your finger tips.

Check website blacklist | Run 140+ security tests | Check for SEO spam & Japanese keyword hack
Scan your website
with free website malware scanner!

How to confirm PHP keyword hack?

Identify the hack using Google search engine

You can find pages that contain Japanese spam texts by using the command in Google search: site:[root site url] japan. This command will show up those pages from your website that contains the word “japan”. If you find any such pages then there is a PHP keyword hack on your website.

Take a look in Google Search console

Google search console contains all information about your website and is widely used by webmasters to control and maintain their websites. Once you log into the console, navigate to the “Security Issues Tool” option, and check all the results. If there is any PHP keyword hack present on your website, it might be listed.

Run your website through a scanner

Using a PHP Japanese keyword hack checker tool you can easily detect any hack within your website without all the hassle. In this link, you will find Astra’s PHP Japanese SEO hack scanner. This scanner will go through your entire website and find every infected page for cleanup.

Fixing the PHP Keyword hack

Backing up your website

Having a backup of your website is always a good idea as it can come handy to quickly install a fresh copy of your website and bring it up back online. However, before cleaning this malware, ensure that you have a backup of your website. In case something goes wrong, you can load up your backup version.

Verify any new user accounts in Google search console

In most cases, attackers have access to admin privileges and through it, they can change the settings of your website or install the PHP keyword hack. After you log in to your Search Console, check all the users that have admin access. If you find any unknown or suspicious users, remove them as they might be attackers.

Check your ‘.htaccess’ file

The ‘.htaccess’ file is one of the most important files for a website. Once attackers have access to it, they can redirect users and search engines to harmful pages or websites. If you have a clean copy of the file, replace the infected one with it. Audit the code and if you find any suspicious code snippets, you can comment them out by using “#”.

Verify the sitemaps in your website

Attackers often edit sitemaps or add new ones to make their links indexed faster. Check existing sitemaps and make sure that there are no unknown or addition or edits. If you find any new sitemaps, check them to see if they contain spammy links.

Check wp-config files

The Wp-config file holds all the configurations of your website. If attackers get access to this file, then they can easily edit the file to add malicious links and change the settings to make the PHP keyword hack more effective.Open the file and check if there are any recent unknown edits. Editing this file can be a risky task, as any deletion of vital files might bring down your website. Take a backup of this file before you make any changes in this file, which you can use in case of any unwanted errors in the file.

Remove uploaded malicious files

To find malicious files uploaded on your website you can go to the wp-content/uploads directory. Look for files that have blacklisted extensions such as ‘.php’, ‘js’ or ‘.ico’. Such files are often malicious in nature and are the cause of PHP keyword hack. Remove all such files to stop the hack.

Replace all core files, plugin and theme files

If you have a clean backup of your core files, you can replace the infected files with the backup files. It will ensure that all harmful codes or settings are undone.

Use a malware scanner

Using a malware scanner such as Astra’s will find any hidden malware on your website and remove it. It will crawl through your entire site and identify any harmful files or programs that might be purposefully hidden by attackers to make it difficult to detect and remove.

Also, check our detailed PHP Hack & Malware Removal Guide for more comprehensive steps.

30,000 websites get hacked every single day. Are you next?

Secure your website from malware & hackers using Website Protection before it is too late.


It takes a lot of time and effort to build up a brand image and a simple PHP Japanese keyword hack can ruin it all. Even if you are able to proactively remove the hack, the impact can linger on, and recreating the reputation might feel like starting from scratch. By following a few simple steps such as below, you can keep your website safe from these hacks:

  • Change all default passwords and use strong alphanumeric passwords for your account. Additionally, using 2 Factor Authentication will strengthen your website’s security and protect your users
  • Use firewalls such as Astra, to keep harmful elements at bay. Astra’s security suite automatically protects your website and stops all malicious requests from even reaching your website. You can learn more about our security service here.
  • Have regular backups of your website. Having a clean copy of your website is always helpful and especially in case, your website is brought down by attackers. Using the backup copy will allow you to quickly bring it back online. Most hosting servers provide options for automatic periodic backups

Want to know more or have a quick question? Talk with our engineers!

We are always online! 😊

Investing in your website’s security is something that reaps benefits in the long run and prevents any potential losses. We understand how much hard work went on creating your website, and we at Astra can provide you the best security solutions for your website. With us, you will never have to worry about your website’s security.

Shikhil Sharma

Shikhil Sharma is the founder & CEO of Astra Security. Being involved with cybersecurity for over six years now, his vision is to make cyber security a 5-minute affair. Shikhil plays on the line between security and marketing. When not thinking about how to make Astra super simple, Shikhil can be found enjoying alternative rock or a game of football. Astra Security has been rewarded at Global Conference on Cyber Security by PM of India Mr. Narendra Modi. French President Mr. François Hollande also rewarded Astra under the La French Tech program. Astra Security is also a NASSCOM Emerge 50 company.
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments

Psst! Hi there. We’re Astra.

We make security simple and hassle-free for thousands
of websites and businesses worldwide.

Our suite of security products include a vulnerability scanner, firewall, malware scanner and pentests to protect your site from the evil forces on the internet, even when you sleep.

earth spiders cards bugs spiders

Made with ❤️ in USA France India Germany