My wordpress website got the pharma attack. Now there are lots of spam links on my website indexed by the Google. Is there possiblilty to remove these links from the Google using robots.txt file or some other method? PS. Since I have removed the malicious code, now these spam links give 404 error. Will Google automatically remove the non-existing links ? If yes, how long it takes? Thanks.
Google probably won't remove the links on its own, if the links are showing up as coming from your website's pages then you can request that Google Remove them, you can also request links on other pages are removed (but this is a little more complicated).
Google has a useful support article on the subject.
there is a video on Seomoz about people practicing negative seo and how to combat it if youve been affected.
If you've removed the target URLs for those links, then over time those links will drop out of Google's index automatically. Additionally, in most cases where a site got hacked to add content or links, Google is pretty good at recognizing that, and at ignoring those links.
That said, it's never a bad thing to inform webmasters of hacked content / links that you find on their websites :). In my experience, not many webmasters react to that (even when Google contacts them), but overall I still think it's worthwhile to clean this kind of hacking up (when looking at the bigger picture, not just your specific website).
Resubmit your sitemap, those spam links will be automatically removed within 3 months. Otherwise you remove manually just within 3 hours.
Google Index >Url Removal
Then just submit spam links one by one that appear on Google search (
When submitting links, no need to include domain, just page link
you want remove:
So submit just
It will remove this link from search cache, as long as you have remove that link from your website as well, it won't be re-indexed again.
As John Muller said, once you clean up your website, Google is happy. It may take a while for your site to attain the higher ranking it had before, but there isn't much else you can do.
In regard to the 404, if you have the ability to do so (it can be difficult unless you can use a form of pattern) it would be to return a 410 instead of a 404. The Google Search Engine sees 404 as a "page is not there right now" and not as "the page is gone, don't try again". My latest tests show that a 410 check from Google stops fairly quickly whereas a 404 remains like forever.