Skip to content
    Moz logo Menu open Menu close
    • Products
      • Moz Pro
      • Moz Pro Home
      • Moz Local
      • Moz Local Home
      • STAT
      • Moz API
      • Moz API Home
      • Compare SEO Products
      • Moz Data
    • Free SEO Tools
      • Domain Analysis
      • Keyword Explorer
      • Link Explorer
      • Competitive Research
      • MozBar
      • More Free SEO Tools
    • Learn SEO
      • Beginner's Guide to SEO
      • SEO Learning Center
      • Moz Academy
      • SEO Q&A
      • Webinars, Whitepapers, & Guides
    • Blog
    • Why Moz
      • Agency Solutions
      • Enterprise Solutions
      • Small Business Solutions
      • Case Studies
      • The Moz Story
      • New Releases
    • Log in
    • Log out
    • Products
      • Moz Pro

        Your all-in-one suite of SEO essentials.

      • Moz Local

        Raise your local SEO visibility with complete local SEO management.

      • STAT

        SERP tracking and analytics for enterprise SEO experts.

      • Moz API

        Power your SEO with our index of over 44 trillion links.

      • Compare SEO Products

        See which Moz SEO solution best meets your business needs.

      • Moz Data

        Power your SEO strategy & AI models with custom data solutions.

      Discover top competitors’ winning content
      What's New

      Discover top competitors’ winning content

      Learn More
    • Free SEO Tools
      • Domain Analysis

        Get top competitive SEO metrics like DA, top pages and more.

      • Keyword Explorer

        Find traffic-driving keywords with our 1.25 billion+ keyword index.

      • Link Explorer

        Explore over 40 trillion links for powerful backlink data.

      • Competitive Research

        Uncover valuable insights on your organic search competitors.

      • MozBar

        See top SEO metrics for free as you browse the web.

      • More Free SEO Tools

        Explore all the free SEO tools Moz has to offer.

      What is your Brand Authority?
      Moz

      What is your Brand Authority?

      Take the quiz
    • Learn SEO
      • Beginner's Guide to SEO

        The #1 most popular introduction to SEO, trusted by millions.

      • SEO Learning Center

        Broaden your knowledge with SEO resources for all skill levels.

      • On-Demand Webinars

        Learn modern SEO best practices from industry experts.

      • How-To Guides

        Step-by-step guides to search success from the authority on SEO.

      • Moz Academy

        Upskill and get certified with on-demand courses & certifications.

      • SEO Q&A

        Insights & discussions from an SEO community of 500,000+.

      Unlock flexible pricing & new endpoints
      The Moz API

      Unlock flexible pricing & new endpoints

      Find your plan
    • Blog
    • Why Moz
      • Small Business Solutions

        Uncover insights to make smarter marketing decisions in less time.

      • Agency Solutions

        Earn & keep valuable clients with unparalleled data & insights.

      • Enterprise Solutions

        Gain a competitive edge in the ever-changing world of search.

      • The Moz Story

        Moz was the first & remains the most trusted SEO company.

      • Case Studies

        Explore how Moz drives ROI with a proven track record of success.

      • New Releases

        Get the scoop on the latest and greatest from Moz.

      Surface actionable competitive intel
      New Feature: Moz Pro

      Surface actionable competitive intel

      Learn More
    • Log in
      • Moz Pro
      • Moz Local
      • Moz Local Dashboard
      • Moz API
      • Moz API Dashboard
      • Moz Academy
    • Avatar
      • Moz Home
      • Notifications
      • Account & Billing
      • Manage Users
      • Community Profile
      • My Q&A
      • My Videos
      • Log Out

    The Moz Q&A Forum

    • Forum
    • Questions
    • Users
    • Ask the Community

    Welcome to the Q&A Forum

    Browse the forum for helpful insights and fresh discussions about all things SEO.

    1. Home
    2. Research & Trends
    3. White Hat / Black Hat SEO
    4. Website mallware attacks

    Website mallware attacks

    White Hat / Black Hat SEO
    5
    10
    1536
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as question
    Log in to reply
    This topic has been deleted. Only users with question management privileges can see it.
    • maestrosonrisas
      maestrosonrisas last edited by

      I keep getting attacks to my website every time that are being blocked by OSE firewall

      Is there any way to stop this?

      I am affraid because they actually manage enter my website on the past, and i dont know if they can enter on the future or if having all the pluggins and wordpress updated. I am safe enough, and i am not sure if there is any type of virus on my computer Macbook as those attacked pages were recently updated from my computer.

      Is there any malware scan for Mac

      Thanl you

      == Attack Details ==

TYPE: Found Basic DoS Attacks
DETECTED ATTACK VALUE: dDos Attack
ACTION: Blocked
LOGTIME: 2013-02-25 11:48:18
FROM IP: http://whois.domaintools.com/75.126.24.81
URI: [http://www.propdental.es/](http://www.propdental.es/)
METHOD: HEAD
USERAGENT: N/A
REFERRER: N/A

      == Attack Details ==

TYPE: Found Basic DoS Attacks
DETECTED ATTACK VALUE: dDos Attack
ACTION: Blocked
LOGTIME: 2013-02-25 10:13:17
FROM IP: http://whois.domaintools.com/107.21.150.82
URI: [http://www.propdental.es/blanqueamiento-dental/](http://www.propdental.es/blanqueamiento-dental/)
METHOD: HEAD
USERAGENT: N/A
REFERRER: N/A

      ```
== Attack Details ==

TYPE: Found Malicious User Agent
DETECTED ATTACK VALUE: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
ACTION: Blocked
LOGTIME: 2013-02-25 03:13:52
FROM IP: http://whois.domaintools.com/119.245.226.74
URI: [http://www.propdental.es/sonrisas/los-martinez/](http://www.propdental.es/sonrisas/los-martinez/)
METHOD: HEAD
USERAGENT: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
REFERRER: N/A
```

```
      1 Reply Last reply Reply Quote 0
      • maestrosonrisas
        maestrosonrisas @maestrosonrisas last edited by

        I have sucuri pluggin payed suscription. I will reactivated again. My web host is not 6 dolars. But is a shared one of 400 dolars. Actually they are good and thanks to them i could find the files on the server. What i cannot find is where is the gate. And if is there something on my computer or website Because the attacks starts and are directed to new created content pages. And less to old ones

        1 Reply Last reply Reply Quote 0
        • BlueprintMarketing
          BlueprintMarketing @maestrosonrisas last edited by

          Site checked it ok http://sitecheck.sucuri.net/results/www.propdental.com/

          1 Reply Last reply Reply Quote 0
          • BlueprintMarketing
            BlueprintMarketing @maestrosonrisas last edited by

            Sucuri is not a firewall. As explained before end up there it is a malware removal tool. And it alert you to issues with your site and will tell you when you need to update things to prevent malware attacks. Only disable plug-ins that you do not trust. As long as Plug-in is trusted and is updated and it is especially Sucuri hardening plug-in or one makes it will help your website in this case you really didn't give them a chance to do anything. If you use secure I correctly keep the plug-in on and have a paid subscription with them they will Clean up the mess that the attack causes. However if you do not have a subscription with them all they do is tell you what's wrong with your site that she may go to their website and put a new URL and it will show you what's wrong with your website. I think they're great company and I've worked with a lot of security people and hosts look at fire host and Send them a message asking what you can do about DOS attack protection. They will tell you it's not going to help just unless you actually have a real firewall with that you're on your host Sucuri is not a firewall they don't claim to be a firewall that used in conjunction with a strong web host / firewall you can get a better host or your can get cloudflare's $200 DOS protection package and that will help you in the future. I would Strumness just a better web host. I think anyone posting WordPress on a shared server that is a generic shared server is out of their mind and you're going to keep dealing with problems like this and that's what you get six dollars a month. I don't mean to sound rude at all I'm just telling you I know exactly what it is like to Expect your very inexpensive web host to take care of a huge problem for web hosts. If you truly want protection change house or add a real firewall. I hope that Bienenfeld sincerely, Thomas

            1 Reply Last reply Reply Quote 0
            • maestrosonrisas
              maestrosonrisas @BlueprintMarketing last edited by

              I have used sucuri on this web www.propdental.com with no good results. They manage to enter the site and upload lots of malware. I just manage to stop them with the OSE firewall.

              Thanks for the information. I did not know that i had a problem. I was just afraid.

              Can you find out if there also a problem on propdental.com

              I had sucuri pluggin instaled, but i disable all pluggins when the attack appened has i didn´t know were they were coming from.

              The damage still running on previous site was google indexed lots of my pages on the spam url they they were redirected

              BlueprintMarketing maestrosonrisas 3 Replies Last reply Reply Quote 0
              • BlueprintMarketing
                BlueprintMarketing @ThompsonPaul last edited by

                Paul,

                very well said and very well explained. Your post is the one to blame new DOS attack not to blame because they brought the attack on them but the one that should clean it up

                you are their customer. Remember there's a reason why malware is so popular and this is it I know Zippy kid spent a couple hundred grand on their firewall that cannot be said for many other shared hosting companies. Page.ly gives you a very good idea of what is going on every day with to a web host with this link

                http://blog.page.ly/2012/12/wordpress-security-an-infographic-on-common-malware-and-attacks/#comment-23076

                the nice thing about firehost.com company that page.ly is built on is they are HIPPA certified that means they can keep medical data about patients on their servers. That's a huge deal.

                I know I've been hosting on all the managed WordPress host's and they've all done fantastic jobs have never been hacked but that doesn't mean I never could be.

                Zippy kid recently was DOS attack and their firewall went up to 85%. They thought they might have to null route the IP addresses being attacked. that would hurt their clients on the IP though having no inbound traffic so they did something unique simply because the control the DynECT DNS changed the IP making four less the 20 people with 3 min down time this was an a enormous attack that I'm talking about.

                they did what the best host's do stay prepared for the worst and be ready when it happens. Because it will happen no one never goes down no one is immune to attack you can only make a smart decision to go with web hosting companies that actually take security seriously. Go Daddy at $3.50 a month does not care about your security.

                Good job explaining a DOS attack Paul.

                1 Reply Last reply Reply Quote 0
                • ThompsonPaul
                  ThompsonPaul last edited by

                  To add to what Daniel has said...

                  DoS and DDoS attacks are not malware or viruses trying to infect your website. The are Denial of Service or Distributed Denial of Service attacks, which are essentially attempts to crash your website by flooding it with so many requests for pages that the webserver overloads and crashes, or at least slows down so much that the site becomes unusable.

                  Sometimes these are maliciously aimed at a particular website to do the business harm, sometimes they are aimed at a host or server in general.

                  There's not much you can about them except protect against them with smart firewalls as you are doing. It's in your host's best interest to help you with this, as the attack can hurt other users on the server if it's a shared server.

                  Trying to track the source of the attacks is pretty much pointless because the computers doing the attacking usually belong to unsuspecting users who's machines have been infected with malware that is doing the attacking unbeknownst to them. (That's the kind of infection you want antivurus/antimalware on your own computer for - to make sure your computer hasn't been corrupted to be used as one of the "bots" attacking other people's websites.)

                  There are a number of additional steps you can take to protect your WordPress install from hacking (a solid, tested, consistent backup strategy is critical), but this issue isn't a hack attempt, as I've stated,. It's an attempt to flood your site with so many worthless visits that it can't keep up. So no amount of customizing WordPress will protect from this kind of attack. It has to be done at the server and network level.

                  Hope that makes sense?

                  Paul

                  BlueprintMarketing 1 Reply Last reply Reply Quote 2
                  • BlueprintMarketing
                    BlueprintMarketing last edited by

                    I would use sucuri

                    http://sucuri.net/

                    They are the beat if you want to not worry about DDOS I would use Page.ly to host my site

                    ZippyKid.com has a great firewall as well so dose websynthesis.com & WPengine.com

                    I know FireHost.com is about the best there is and Page.ly uses them

                    http://sitecheck.sucuri.net/results/www.propdental.es/

                    You still have a problem

                    Wordpress internal path: /usr/home/propdental.es/web/wp-content/themes/propdental/index.phpWordpress internal path: /usr/home/propdental.es/web/wp-content/themes/propdental/index.php

                    maestrosonrisas 1 Reply Last reply Reply Quote 0
                    • djlaidler
                      djlaidler last edited by

                      Hi,

                      Using WordPress I would recommend WordFence. If the DDOS attack is simply an attempt to overload your server with bogus requests there is not a huge amount that can be done as it act sin a similar manner to gaining a lot of traffic from say a marketing exercise.

                      But if the DDOS is attempting to hack into your site, there are a number of preventative measures that the plugin does to ensure it is not an easy task.

                      Firstly ensure all your plugins are up to date along with the WordPress build. Disable any plugins that you are not 100% sure of.

                      Upon installation of the WordFence plugin, I would highly recommend going to options -> Login Security Options and changing

                      Lock out after how many login failures & Lock out after how many forgot password attempts TO 5 attempts max

                      AND

                      Amount of time a user is locked out TO 2hrs minimum

                      Also by adding your email at the top of the options you will be alerted when anything occurs on your site (including legitimate logins) so that you can make informed decisions.

                      Oh, and unless you are actually serving the site up from you Mac OR are concerned that the attacks you have experienced are coming from your machine (with a DDOS, I would find it unlikely), Malware software will not be helpful in this scenario.

                      Dan

                      1 Reply Last reply Reply Quote 2
                      • AgentsofValue
                        AgentsofValue last edited by

                        Hi there,

                        Try Sophos Anti-Virus for Mac Home Edition.

                        This is one of the most reputable malware scanner for Mac.

                        1 Reply Last reply Reply Quote 1
                        • 1 / 1
                        • First post
                          Last post

                        Got a burning SEO question?

                        Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.


                        Start my free trial


                        Browse Questions

                        Explore more categories

                        • Moz Tools

                          Chat with the community about the Moz tools.

                        • SEO Tactics

                          Discuss the SEO process with fellow marketers

                        • Community

                          Discuss industry events, jobs, and news!

                        • Digital Marketing

                          Chat about tactics outside of SEO

                        • Research & Trends

                          Dive into research and trends in the search industry.

                        • Support

                          Connect on product support and feature requests.

                        • See all categories

                        Related Questions

                        • Sudsat

                          Can I create a new Website to promote just one set of services from a list of several services?

                          Hi, I have a 10 years old website, where I promote all my services - around 30 of them under 5 main categories. For example, my current website promotes these services. A service - with a1, a2, a3 services B service - with b1, b2, b3 services C service - with c1, c2, c3 services D service - with d1, d2, d3 services E service - with e1, e2, e3 services Now I want to promote just "A service" with its sub-services into a separate website, as that service is in demand now and also those keywords should be my main keywords. I want to connect my old website with the new one, to increase the trust among users. Can I do this? I hope I am not violating any Google rules by doing this. Please help with suggestions. Thanks. Jessi.

                          White Hat / Black Hat SEO | | Sudsat
                          0
                        • HansiAliya

                          Why google is catching my website late

                          Hello, I hope you all guys are doing great. Recently, I published my over my website and within almost 10 mins, it was indexed completely and I also personally checked it in google search console. The URL was indexed but the problem is, it does not appear in Google Search. Sometimes in search result I notice Google shows a result who is published 10-30 mins ago but this is not the case with my website. All articles just show in Google SERP after 1-2 days. What can be the reason behind this, although DA, PA is good (28-31).

                          White Hat / Black Hat SEO | | HansiAliya
                          0
                        • rdudkiewicz

                          Penalty because of logo banner in sidebar of external website?

                          Dear mozzers, One of our pages is not ranking (well). I wrote another question about this here on Moz. I just discovered that there is an external website that has a banner to our page in the sidebar. The banner is on every 134+ pages of that site. It is in a banner slider and only show for a few seconds every now and then. The link is not "nofollow". It seems that our page dropped from Google slightly after this banner was added. However I am completely sure about this. The link is over here in the banner carousel/slider in the sidebar: http://www.wierszowisko.com/ My questions are: Could this banner log cause a penalty for our page? If so what can we do to undo this? Ask the webmaster to remove the link? Disavow on Google? How does this exactly work?

                          White Hat / Black Hat SEO | | rdudkiewicz
                          1
                        • Shanaki

                          Black Seo --> Attack

                          Hello there, Happy new year for everyone, and good luck this year. I have a real problem here, I saw in MOZ link history that somehow the "Total Linking Root Domains" is growing from a medium of 30 - 40 to 240 - 340 links and keep it growing. I guess somebody make me good joke, cause i did not buy any link :)) even cn, brasil, jp links, my store is from Romania. How I can block these links I think google will make me bad instead. What should i do? Thank you so much. With respect,
                          Andrei 0tYg1wB.png

                          White Hat / Black Hat SEO | | Shanaki
                          0
                        • Heehaw

                          Website not listing in google - screaming frog shows 500 error? What could the issue be?

                          Hey, http://www.interconnect.org.uk/ - the site seems to load fine, but for some reason the site is not getting indexed.   I tried running the site on screaming frog, and it gives a 500 error code, which suggests it can't access the site?  I'm guessing this is the same problem google is having, do you have any ideas as to why this may be and how I can rectify this? Thanks, Andrew

                          White Hat / Black Hat SEO | | Heehaw
                          0
                        • chanel27

                          Is Meta Keywords Important For Websites?

                          Hi, I understand that meta title and descriptions are very important for websites. I would like to know if meta keywords are important? I have seen people talking about meta keywords are useless and it should be removed from the website to prevent competitors from knowing your keywords. Anyone has anything to share? 🙂

                          White Hat / Black Hat SEO | | chanel27
                          0
                        • JessTopps

                          Domain Structure For A Network of Websites

                          To achieve this we need to set up a new architecture of domains and sub-websites to effectively build this network. We want to make sure we follow the right protocols for setting up the domain structures to achieve good SEO for the primary domain and local websites. Today we have our core website at www.doctorsvisioncenter.com which will ultimately will become dvceyecarenetwork.com. That website will serve as the core web presence that can be custom branded for hundreds. For example, today you can go to www.doctorsvisioncenter.com/pinehurst.  Note when you start there, you can click around and it is still branded for Pinehurst or spectrum eye care.  So the burning question(s). - if I am an independent doc at www.newyorkeye.com, I could do domain forwarding but Google does not index forwarded domains so that is out.  I could do a 301 permanent redirect to my page www.doctorsvisioncenter.com/newyorkeye. I could then put a rule in the HT Access file that says if newyorkeye.com redirect to www.doctorsvisioncenter/newyorkeye and then have the domain show up as www.newyorkeye.com.  Another way to do that is we point the newyorkeye DNS to doctorsvisioncenter.com rather than a 301 redirect with the same basic rule in the HT Access file.  That means that, theoretically, every sub page would show up, for example, as www.newyorkeye.com/contact-lens-center which is actually www.doctorsvisioncenter.com/contact-lens-center.   It also means, theoretically, that it will be seen as an individual domain but pointing to all the same content under that individual domain just like potentially hundreds of others.  The goal is we build once, manage once and benefit many.  If we do something like the above which will mean that each domain will essentially be a separate domain,  but,  will google see it that way or as duplicative content? While it is easy to answer "yes" it would be duplicative, it is not necessarily the case if the content is on separate domains. Is this a good way to proceed, or does anyone have another recommendation for us?

                          White Hat / Black Hat SEO | | JessTopps
                          0
                        • 13375auc3

                          Interesting Case Study. Website with 70 PA and 73 DA but PR 0?

                          http://www.jewelry.hyper-info.com/ This website has no backlinks reported on google, but loads of backlinks across the web. It also doesn't even rank top 50 on its topic keyword [Jewelry Tips]. I would be very wary of building a link on a site like this, but thats my opinion. How would you rate this websites link based on this data?

                          White Hat / Black Hat SEO | | 13375auc3
                          0
                        Moz logo
                        • Contact
                        • Community
                        • Free Trial
                        • Terms & Privacy
                        • Accessibility
                        • Jobs
                        • Help
                        • What's New
                        • News & Press
                        • MozCon
                        © 2021 - 2024 SEOMoz, Inc., a Ziff Davis company. All rights reserved. Moz is a registered trademark of SEOMoz, Inc.

                        Looks like your connection to Moz was lost, please wait while we try to reconnect.