We have observed an increasing number of sites where Google Bots have generated excess traffic or resources for a site. Generally, this has occurred after a site has been exploited. Even after malicious code has been cleaned up, Google may still have the links indexed and therefore continue to try and crawl these URL’s for months afterwards. If there are more than a few thousand pages (we’ve observed as high as 3 million), this can cause high traffic and resources (especially if it’s a WordPress 404 which isn’t cached).


Make sure you’re 100% sure the infection and/or malicious exploit has been 100% removed, otherwise these actions won’t work as expected. We have a guide on Fixing a compromised WordPress website available for guidance.

To remove pages from Google Search and prevent further issues, you can follow the steps below.

Confirming pages are indexed

There are two checks which need to be completed. The first is via the access logs of your website.

  1. Use our Viewing website access logs via Plesk article to login and read your website logs.
  2. Review access based on either 404 codes or by bot activity. You can see bots based on the robot icon used for the User Agent:
    abnormal traffic from google bots

Secondly, you can complete a Google search for your website URL and any of the URL patterns discovered in the logs. In either the address bar of your Google Chrome browser or within the search field of google.com.au, search for:

site:<yourwebsite.com.au> inurl:<themaliciousurlpattern>

For example, here’s a recent site where this was an issue:

abnormal traffic from google bots

We can see 24,100 results for the site with malicious content which Google still has indexed using an identifiable URL pattern.

Google Search Removal Request

  1. Login to your Google Search Console.
  2. Under Index within the left-hand menu, select Removals:
    abnormal traffic from google bots
  3. Click on the New Request button and then enter the URL pattern analysed in the previous step:
    abnormal traffic from google bots
  4. Click Next, then confirm you wish to remove by clicking Submit Request.
  5. Google will crawl the URL’s again and if they receive a 404, they will be removed from the index.


For further information and guidance, please review the Google support article on removal: https://support.google.com/webmasters/answer/9689846

Was this article helpful?

Related Articles