Site Blacklisted
-
Good morning.
Just done my WMT ritual morning check and one of my sites has been blacklisted for malware.
It's a wordpress site - I've run various scans, e.g. http://sitecheck.sucuri.net/scanner/ and also installed wordfence and scanned with that and wordfence produced some offending files which I have now deleted.
I've also installed website defender in the hope that it wont happen again. I'm pretty good with staying on top of updates and rarely let a few days pass without upgrading new version of wordpress or plugins etc. I've also checked my users to make sure no new admins or anything and also changes passwords.
I've asked for a review from Google and just wondered how long these reviews take?
Also, has anybody got any advice, is there anything else I should be doing?
Thanks
-
That is good to hear, Jo.
Thanks for letting us know. feedback is good.
Be vigilant, because the hackers never stop.
My dedicated server constantly has hackers trying to break in, mostly chinese and russians. Complex passwords and countermeasures keep us safe, but it only takes one weak link somewhere to break it all down.
-
Thanks all for your help, I was de-blacklisted this afternoon - phew.
-
The webserver log is what you need.
You may be able to see that in Cpanel, depending on how it is configured.
The log may also be in the document root, updated daily and compressed.
If you haven't looked at logs before, it can be difficult to determine what is really going on in there.
-
I didn't check the dates
The site is less than a month old though.When you say logs, I'm not entirely sure what I'm looking for. I use cpanel so have access to various logs, but I have to admit, I haven't spent any time in there and now I'm conscious that this is something I need to educate myself on quick.
Any suggested resources for which logs to use for what?
-
Jo,
before you removed the bad files, did you check the dates?
If you have logs, you could go back to see when those files were first accessed.
Then go backwards looking for activity that doesn't look normal.
That could tell you where the problem is.
-
Thanks, I'm not so sure! I'm a freelancer and I wok on my own so I have nobody to really bounce ideas off, so this community is great for that. Glad to know I'm doing it right
I'm not a bit lover of plugins and I try to keep to a minimum, but I've removed anything unessential - even my beloved Flare sharing buttons, for now anyway.
I'll let you know when Google come back to me
-
I just want to reiterate what Andy said about sitespeed as well, try to have as little plugins as possible.
When you visit a WP site and its super slow, its usually because they have gallery plugins and all sorts running which sucks the life out of the sitespeed.
Anyway, good luck seems as though you know what your doing anyway.
-
Thanks all for your responses, much appreciated.
I installed the timthumb vulnerability scanner and it says no instances were found.
I'm going to go through and ditch the unnecessary plugins...I use woocommerce and they have recent upgrade but its not compatible with my theme so I can't update it, which is a giant pain. I hope its not that.
Thanks for your help.
-
Agree
-
I think you have already done quite a bit.
I suppose just be a little more selective which plugins you install, some have holes in and once the word is out about particular holes in certain plugins these people will come looking for blogs with it installed.
-
Hello Jo.
Do you know exactly how they got in?
If not, here is one possibility:
Check to see if you have a copy of timthumb.php
If you do, and it is an old version, it has a vulnerability you must fix, otherwise it will happen again.
Here is information about that, including a scanner that should find and fix that problem.
<cite>wordpress.org/extend/plugins/timthumb-vulnerability-scanner/</cite>
-
in my experience, and i've a fair bit with WP, the majority of malware comes from plugins which get updated and become infected themselves. Wordfence certainly can help with this problem, but a regular securi scan will too.
My advice is deactivate and uninstall any plugins you don't really need or use - this will make the site faster and more secure.
Once the malware has gone you can do as you have and ask for relisting or wait it out, google will come back and check. Manual reviews will take a few days to come back I believe, though it depends on the nature of the malware - if its believed to be complex it will be manual if its just one file being "naughty" a robot may scan your site to take a look that it's gone and it could be up in 24-48 hours.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
My site Metrics are not as per they should
Hi, I am regularly making links on my site to improve its metrics but i am confused how other people fastly improve their DA/PA and my DA/PA is not improving with that site. The same happened with spam score. It has been a month i disavow my links having spam score but instead of decrease in it, my spam score increased. Please advice. Is there any special way to use that help moz crawler to check site and update accordingly? Please help
Technical SEO | | AzadSeo37310 -
Site Not Being Indexed
Hey Everyone - I have a site that is being treated strangely by google (at least strange to me) The site has 24 pages in the sitemap - submitted to WMT'S over 30 days ago I've manually triggered google to crawl the homepage and all connecting links as well and submitted a couple individually. Google has been parked the indexing at 14 of the 24 pages. None of the unindexed URL's have Noindex or follow tags on them - they are clearly and easily linked to from other places on the site. The site is a brand new domain, has no manual penalty history and in my research has no reason to be considered spammy. 100% unique handwritten content I cannot figure out why google isn't indexing these pages. Has anyone encountered this before? Know any solutions? Thanks in advance.
Technical SEO | | CRO_first0 -
Blog on subdomain of e-commerce site
Hi guys. I've got an e-commerce site which we have very little control over. As such, we've created a subdomain and are hosting a WordPress install there, instead. This means that all the great content we're putting out (via bespoke pages on the subdomain) are less effective than if they were on the main domain. I've looked at proxy forwarding, but unfortunately it isn't possible through our servers, leaving the only option I can see being permenant redirects... What would be the best solution given the limitations of the root site? I'm thinking of wildcard rewrite rules (eg. link site.com/blog/articleTitle to blog.site.com/articleTitle) but I'm wondering if there's much of an SEO benefit in doing this? Thanks in advance for everyone's help 🙂
Technical SEO | | JAR8970 -
How to handle mobile site with less pages than the main site?
We are developing a mobile version of our website that will utilize responsive design/dynamic serving. About 70% of the main website will be included in the mobile version. What (if anything) should be the redirect for pages not included in the mobile version of the site? Also - for one specific section users will be redirected from that page to the homepage, what is the redirect that should be used for this? Thanks!
Technical SEO | | theLotter0 -
Site Map
For a long time our site map used to be http://www.efurniturehouse.com/sitemap.xml recently our hosting company changed the site map to: http://www.efurniturehouse.com/xml-sitemap.ashx I went ahead and submitted the new site maps to both Google Webmaster and Bing. I submitted the Google one on Monday and it states PENDING. ( A day later this pending) I just submitted the map to Bing. I now have 2 site maps on each. 1)Is having 2 a problem Will they ignore the old site map or can we delete and if so when can we delete I appreciate your input Regards Tony www.eFurnitureHouse.com
Technical SEO | | OCFurniture0 -
Multiple Domains for One Site
We are building a site for a new miniature golf course. They have a long name, which they don't want me to mention, but it's equivalent to a name like Golden State Golf and Putt. They also have a restaurant with its own name and brand that will be a part of the mini golf course and its website, much how Hotel websites have their restaurants on their sites. Before becoming our client they purchased golfandputt.com and want to go with this domain for simplicity sake. In addition to this domain name they purchased 7 others that contain the bussiness' full name in some way, such as: goldenstategolfandputt.com goldenstategolfandputt.net, goldenstategolf-guitar.com etc., As well as: 3 variations of the golfandputt.com domain 3 variations of the restaurants name They wish to have all of these redirect to the main website or the restaurant page to "help with SEO," as they told me. From what I have researched on SEOmoz it seems better to simply optimize the website for Golden State Golf and Putt and the restaurant page for the restaurant's name. Additionally, I'm worried that redirecting the domains to the site will actually hurt them in rankings. If someone can shed some light on what the best practices for this sort of situation are I'd be much appreciative. Apologies in advance for the lengthy explanation but its a bit of a unique situation.
Technical SEO | | TVI0 -
Duplicate Content on Multinational Sites?
Hi SEOmozers Tried finding a solution to this all morning but can't, so just going to spell it out and hope someone can help me! Pretty simple, my client has one site www.domain.com. UK-hosted and targeting the UK market. They want to launch www.domain.us, US-hosted and targeting the US market. They don't want to set up a simple redirect because a) the .com is UK-hosted b) there's a number of regional spelling changes that need to be made However, most of the content on domain.com applies to the US market and they want to copy it onto the new website. Are there ways to get around any duplicate content issues that will arise here? Or is the only answer to simply create completely unique content for the new site? Any help much appreciated! Thanks
Technical SEO | | Coolpink0
