Help! My site is infected with Malware!
I got an email that stopped me in my tracks the other day. It had a wonderfully intriguing title: Malware notification regarding ChristianPF.com.
Apparently what had happened was that someone hacked into my forums and added a line of code that infected readers with malicious software when they visited the site – not cool.
Google, of course, doesn’t like this so they put up a big warning to anyone coming to my site from the search engines that looks a little like this:

As you can guess, it isn’t exactly the best performing landing page.
The email I got from Google
Thankfully, Google gave me a heads-up in the form of an email, but they also notified me via Webmaster Tools.
Dear site owner or webmaster of christianpf.com,
We recently discovered that some of your pages can cause users to be infected with malicious software. We have begun showing a warning page to users who visit these pages by clicking a search result on Google.com.
We strongly encourage you to investigate this immediately to protect your visitors. Although some sites intentionally distribute malicious software, in many cases the webmaster is unaware because:
1) the site was compromised
2) the site doesn’t monitor for malicious user-contributed content
3) the site displays content from an ad network that has a malicious advertiser
If your site was compromised, it’s important to not only remove the malicious (and usually hidden) content from your pages, but to also identify and fix the vulnerability. We suggest contacting your hosting provider if you are unsure of how to proceed. StopBadware also has a resource page for securing compromised sites:
http://www.stopbadware.org/home/security
Once you’ve secured your site, you can request that the warning be removed by visiting
http://www.google.com/support/webmasters/bin/answer.py?answer=45432
and requesting a review. If your site is no longer harmful to users, we will remove the warning.
Sincerely,
Google Search Quality Team
Identifying the problem
If your site is infected and you ever get a similar email to what I got, I would suggest heading over to Webmaster Tools and checking into the messages they sent you there. For me, those messages contained more details about the specifics of the malware.
The messages gave me a specific line of code to search for on my site, and by right-clicking and viewing the page source on my site I was able to see where the code was showing up.
In my case the issue was on a vBulletin forum, so once I updated to the newest version of the software it took care of removing the malicious line of code.
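The search described above can also be run across the site's files instead of one page at a time. This is an added example, not code from the original post: the function names, the file-extension list and the sample snippet are assumptions, and it matches the reported line even when whitespace or letter case has been changed.

```python
import os
import tempfile

TEXT_EXTENSIONS = (".php", ".html", ".htm", ".js", ".css", ".tpl")  # assumed list

def squash(text):
    """Drop whitespace and lowercase; also return the source line of each kept char."""
    chars, lines, line_no = [], [], 1
    for ch in text:
        if ch == "\n":
            line_no += 1
        if not ch.isspace():
            for low in ch.lower():  # lower() can expand one char into several
                chars.append(low)
                lines.append(line_no)
    return "".join(chars), lines

def find_snippet(root, snippet, extensions=TEXT_EXTENSIONS):
    """Return sorted (relative_path, line_number) for every place the snippet starts."""
    needle, _ = squash(snippet)
    hits = []
    if not needle:
        return hits
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(extensions):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                haystack, lines = squash(fh.read())
            pos = haystack.find(needle)
            while pos != -1:
                hits.append((os.path.relpath(path, root), lines[pos]))
                pos = haystack.find(needle, pos + 1)
    return sorted(hits)

if __name__ == "__main__":
    # Constructed sample: a placeholder snippet and a fake web root, not real malware.
    reported = '<script src="http://malware.example/x.js"></script>'
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "footer.php"), "w", encoding="utf-8") as fh:
            fh.write('<div>footer</div>\n<SCRIPT\n src="http://malware.example/x.js"></script>\n')
        for rel_path, line in find_snippet(root, reported):
            print(f"{rel_path}:{line}")
```

A clean result from the files does not clear the site if the software builds its pages from content stored elsewhere, such as a database. In that case, save the page source of a few affected pages as .html files into a folder and scan that folder the same way.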
What to do when you fix the problem?
Once you get the malware issue resolved, you can resubmit your site to Google for them to check it over again (you should have a link within your email notification and/or your Webmaster Tools notification). I just submitted this today, so I don’t really know how long it takes – hopefully it goes pretty quick!
Lessons Learned
1. Submit your blog to Google Webmaster Tools and check it regularly. I did get an email from them, but if I had missed it I could have gotten a notification from Webmaster Tools – which actually gave more detail about the specific issue.
2. Always keep your software up to date. Oftentimes when you let your software get a few updates behind it becomes vulnerable to hackers. This was the cause of my problem: I skipped about 4-5 updates. Don’t do this!
3. Consider hiring someone smarter than you. In this case I was able to find the malicious code, but if the hackers had hidden it a little better I would have been out of luck. Using a site like CodeGarage is great because not only do they automatically back up your WordPress blogs, but they also monitor them for hacking – and will fix the issues if they arise.