Google Malware Message
-
*Update 9/19/2013
So I finally have more details the site is a joomla site and is hosted on godaddy. The weird thing is the malware message only appears when browsing the site in chrome it comes up fine in internet explorer any specific reason why that would be? Also we noticed that on the joomla template there were about 6 scripts after the tag that were adult site related and have nothing to do with our site, any ideas? I appreciate all/any suggestions and or advice. Thank You.
I had a client recently pay about $300 for a site design that she hosted on go daddy. This is the site www.shirianfabric.com can anyone tell me why this would happen its only been live for about three months and out of no where we get this message? My client is thinking maybe the designer inserted some kind of malicious code?as he is now charging a couple hundred to fix the issue. Is there any way to look further into this? Im not sure a webmasters account was ever set up for this site so any advice would be greatly appreciated. Thanks.
-
Thank You! The site in question had the same malicious scripts detailed here. After finding them and removing them the site is up and running as it should thanks again for the advice.
-
Thank you very much for the links you provided. After doing some research I found some shady scripts on the website templates after removing the scripts everything seemed to work fine. We have changed the login info because unfortunately it looks as if the designer himself inserted the malicious code. Again thanks for the links and the info they got me on the right track.
Below is the malicious script for anyone having similar issues
-
I checked the site, and saw something a bit odd. This link kinda explains the problem, as you have the same code they have identified as a problem.
http://www.oxwall.org/forum/topic/11304
I would recommend in the first instance your client speak to their host. I am not overly sure how good Godaddy is, but I haven't heard good things. The common fix for this is reverting for a backup prior to this event happening.
In addition, once fixed install http://wordpress.org/plugins/better-wp-security/
If you do not have a backup, then try reinstalling wordpress files (keep the database). Delete all plugins, and reinstall from fresh. But for the love of god... take a backup first.
If you need a recommendation for a host try Siteground for specialist Wordpress hosting, or Hostnine for something cheaper, but very good. We use both, but mainly Hostnine for client sites.
-
My web development company (Everbearing Services) moved all of our clients off of Godaddy several years ago because of performance and security issues. There are several other good web hosts out there. The one that I feel is a true gem is one called Zippykid which only hosts word press web sites. They also provide security and malware scanning automatically. They also do all the patches and updates you might need.
They use Rackspace as their back end infrastructure. If your web site is not on Wordpress you might consider these guys. I have read in other posts that a provider Firehost is really good.
I have not seen any good reports on Godaddy lately.
That is my two cents if this helps. If you do not get your questions answered here and need any further help on this feel free to call me tomorrow or Monday.
Ron
-
The dangers of shared servers! If someone else's website on the server has vulnerable script on their site hackers can inject code on other sites on the same server... Remove the malicious code and talk to GoDaddy, hopefully they've picked it up and removed the offending site?
Of course, it could be that GoDaddy don't have the latest security patches installed on their servers and they are the cause!?!
-
Here is a step-by-step of what you could try doing from Cypress North: Hacked? Here's How to Remove the Dreaded Google Malware Warning.
Google also says, "If you're the administrator of a site we've identified with this warning message, learn how webmasters can fix this issue. Note that in some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message."
Good luck.
Mike
-
Set up WBT and Bing web tools. This will tell you whats happening from the malware side of things.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Is it against google guidelines to use third party review sites as well as have reviews on my site marked up with schema?
So, i look after a site for my family business. We have teamed up with the third party site TrustPilot because we like the way it enables us to send out reviews to our customers directly from our system. It's been going great and some of the reviews have been brilliant. I have used a couple of these reviews on our site and marked them up with: REVIEW CONTENT We work in the service industry and so one of the problems we have found is that getting our customers to actually go online and leave a review. They normally just leave their comments on a job sheet that the workers have signed when they leave. So I have created a page on our site where we post some of the reviews the guys receive too. I have used the following: REVIEW TITLE REVIEW Written by: CUSTOMER NAME Type of Service:House Removal Date published: DATE PUBLISHED 10 / 10 stars I was just wondering I was told that this could be against googles guidelines and as i've seen a bit of a drop in our rankings in the last week or so i'm a little concerned. Is this getting me penalised? Should I not use my reviews referencing the ones on trust pilot and should i not have my own reviews page with rich snippets?
Web Design | | BearPaw881 -
Curious why site isn't ranking, rather seems like being penalized for duplicate content but no issues via Google Webmaster...
So we have a site ThePowerBoard.com and it has some pretty impressive links pointing back to it. It is obviously optimized for the keyword "Powerboard", but in no way is it even in the top 10 pages of Google ranking. If you site:thepowerboard.com the site, and/or Google just the URL thepowerboard.com you will see that it populates in the search results. However if you quote search just the title of the home page, you will see oddly that the domain doesn't show up rather at the bottom of the results you will see where Google places "In order to show you the most relevant results, we have omitted some entries very similar to the 7 already displayed". If you click on the link below that, then the site shows up toward the bottom of those results. Is this the case of duplicate content? Also from the developer that built the site said the following: "The domain name is www.thepowerboard.com and it is on a shared server in a folder named thehoverboard.com. This has caused issues trying to ssh into the server which forces us to ssh into it via it’s ip address rather than by domain name. So I think it may also be causing your search bot indexing problem. Again, I am only speculating at this point. The folder name difference is the only thing different between this site and any other site that we have set up." (Would this be the culprit? Looking for some expert advice as it makes no sense to us why this domain isn't ranking?
Web Design | | izepper0 -
Recovering organic traffic and Google rankings post-site-crash
Hi everyone, we had a client's Wordpress website go down about 2 weeks ago and since then organic traffic has basically plummeted. We haven't identified exactly what caused the crash, but it happened twice in one week. We spent a lot of time optimizing the site for organic SEO, improving load times, improving user experience, improving the website content, improving CTR, etc. Then one morning we get a notification from our uptime monitoring service that the site was down, and upon further inspection we believe it may have been compromised. The child theme that the website was using, all of the files were deleted and/or blank. We reverted the website to a previous backup, which fixed the problem. Then, a few days later, the same exact thing happened, only this time the child theme files were missing after the backup was restored. We've since re-installed and reconfigured the child theme, changed all passwords (Wordpress, FTP, hosting, etc.), and we're looking into changing hosting providers in the very near future. The site uses the Yoast Wordpress SEO plugin, which has recently been reported as having some security flaws. Maybe that was the cause of the problem. Regardless, the primary focus right now is to recover the organic traffic and Google rankings that we've worked so hard to improve over the past few months up until this disaster occurred. The client is in a very competitive niche and market, so I'm pretty frustrated that this has happened after we were making such great progress, Since the website went down, organic search traffic has decreased by 50%. The site and all internal pages are loading properly again (and have been since the second time the website went down), but Google Webmaster Tools is still reporting a number of pages as "not found" witht he crawl dates as early as this past weekend. We've marked all errors as "fixed", and also re-submitted the Sitemaps in Google Webmaster Tools. The website passes the "mobile-friendly" tests, received A and B grades in GTMMetrix (for whatever that's worth), and still has the same original Google Maps rankings as before. The organic traffic, however, and organic rankings on Google have seen a pretty dramatic decrease. Does anyone have any recommendations when it comes to recovering a website's authority and organic traffic after it's experienced some downtime?
Web Design | | georgetsn0 -
Do you know any tool(s) to check if Google can crawl a URL?
Our site is currently blocking search bots that's why I can't use Google Webmaster Tools' URL fetch tool. In Screamingfrog, there are dynamic pages that can't be found if I crawl the homepage. Thanks in advance!
Web Design | | esiow20130 -
Accordion Fold Ups Bad For Google
http://fandicoach.com/products Right now I have these accordion things on the website. Are they bad for google in terms of being an SEO best practice? I want to avoid doing anything black hat. Thanks!
Web Design | | OOMDODigital0 -
Does Google have problem crawling ssl sites?
We have a site that was ranking well and recently dropped in traffic and ranking. The whole site is https and and not just the shopping pages. Thats the way the server is setup, they make whole site https. My manager thinks the drop in ranking is due to google not crawling https. I think contrary, but would like some feedback on this. Site is here
Web Design | | anthonytjm0 -
The primary search keywords for our news release network have dropped like a rock in Google... we are not sure why.
Hi, On April 11th, a month after the farmer update was released for U.S. users of Google, the primary keywords for ALL our sites significantly dropped in Google. I have some ideas why, but I wanted to get some second opinions also. First off, I did some research if Google did anything on the 11th of April... they did. They implemented the farmer update internationally, but that does not explain why our ranks did not drop in March for U.S. Google users... unless they rolled out their update based on what site the domain is registered in... in our case, Canada. The primary news release site is www.hotelnewsresource.com, but we have many running on the same server. EG. www.restaurantnewsresource.com, www.travelindustrywire.com and many more. We were number 1 or had top ranks for terms like ¨Hotel News¨, ¨Hotel Industry¨, ¨Hotel Financing¨, ¨Hotel Jobs¨, ¨Hotels for Sale¨, etc... and now, for most of these we have dropped in a big way. It seems that Google has issued a penalty for every internal page we link to. Couple obvious issues with the current template we use... too many links, and we intend to change that asap, but it has never been a problem before. The domain hotelnewsresource.com is 10 years old and still holds a page rank of 6. Secondly, the way our news system works, it´s possible to access an article from any domain in the network. E.G. I can read an article that was assigned to www.hotelnewsresource.com on www.restaurantnewsresource.com... we don´t post links to the irrelevant domain, but it does sometimes get indexed. So, we are going to implement the Google source meta tag option. The bottom line is that I think we put too much faith in the maturity of the domain... thinking that may protect us... not the case and it´s now a big mess. Any insight you can offer would be greatly appreciated. Do you think it was farmer or possibly something else? Thanks, Jarrett
Web Design | | jarrett.mackay0