Familiar with the malware reinclusion process?
-
One of our sites was haXX0red and at the moment I'm thinking it was a non-updated paid for WP plugin using the old version of timthumb.
While not important to my question, the hack included .htaccess files in all the /uploads/ to redirect to a site (tonycar dot com) which I assume installed some sort of malware or spyware.
I changed all ftp and admin log ins, updated the timthumb files and deleted all the .htaccess files, for added measure I've currently made the upload folders read only.
I've requested a review through webmaster tools and the image that WMT claimed to be an issue has been removed as being an issue. That is to say if I clicked on the malware warning in WMT, it told me imagex.jpg was a problem and now it doesn't tell me anything is an issue, though the malware warning still persists.
As I no longer have any indication as to what (if anything) is wrong, I tried going through some contacts at adwords to no avail, though they have said there's a note saying there's no malware currently on the site (I'm hoping that's by them and not just my reinclusion request).
Assuming the all mighty G is now satisfied there's no malware on the site (or being processed by the site), does anyone have any idea how to get rid of the warning?
Alternatively if the warning is accurate, how can I find out what's being effected?
-
It's a waiting game at this point. If they don't find problems then ask for reinclusion again. Wait 24 hours between asking for reinclusion & seeing if Google reports new problems.
-
If Google's stopped telling me what the problem files are, any idea how to find out what they are seeing?
I think I've plugged the problem and removed the suspicious files, but I can't really be sure.
-
I ran into an issue with malware once and Google was very responsive during the process. Each time I asked for reinclusion the request was responded to within 24 hours.
I say "each time" because this particular piece of malware infected random files across an entire dedicated server hosting a great deal of websites. After I became aware that the problem was impossible to solve manually, I wrote a script to detect and remove all traces of the malware. At this point it was my 5th request I believe, and there was no problem with Google approving my request.
There are scanners you can use but during my look at them, I didn't find any reliable free ones. Hopefully you got it all and won't need to pay for anything.
Wonderful people, these malware creators. Best of luck.
-
It should go away on it's own once you removed all the offending malware code from your site.
Call your hosting company and they will scan your site and remove the malware for you. A lof of people don't know that their hosting company will be more than happy in assisting removing hacks or viruses present on your sites at no charge. It's probably still on your site if you're still getting the message days later.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Old pages not mobile friendly - new pages in process but don't want to upset current traffic.
Working with a new client. They have what I would describe as two virtual websites. Same domain but different coding, navigation and structure. Old virtual website pages fail mobile friendly, they were not designed to be responsive ( there really is no way to fix them) but they are ranking and getting traffic. New virtual website pages pass mobile friendly but are not SEO optimized yet and are not ranking and not getting organic traffic. My understanding is NOT mobile friendly is a "site" designation and although the offending pages are listed it is not a "page" designation. Is this correct? If my understanding is true what would be the best way to hold onto the rankings and traffic generated by old virtual website pages and resolve the "NOT mobile friendly" problem until the new virtual website pages have surpassed the old pages in ranking and traffic? A proposal was made to redirect any mobile traffic on the old virtual website pages to mobile friendly pages. What will happen to SEO if this is done? The pages would pass mobile friendly because they would go to mobile friendly pages, I assume, but what about link equity? Would they see a drop in traffic ? Any thoughts? Thanks, Toni
Technical SEO | | Toni70 -
Recover google INdexing issue after fixing malware attack.
Dear My Niche site attacked by malware on 1 st march 2018. Hacker inject a php file on my blogpage. Injected link like: mydomain.com/blog/dmy4xa.php? Then I scan My site by wordfence. Identifying all malware code.Then manually clean whole site with database. My site is completely free from malware. and remove all malware link from webmaster tools. Even Block my blog page by robots.txt . But new malware link index every week. So i need to remove those link every week. So this issue I decided to rebuild my site. Finally I rebuild my site another server. Then I flash my current server and migrate my site from those server on 10th january 2019 . I wait 1 month to deindex malware link. But new link are indexing every week. I discourage site for over 1 week and even delete site from google webmaster tools with all properties as well as verification file from server. Over 1 week , Link are showing. I feel boar to delete malware link every week. I need permanent solution. Please give me a perfect solution for this malware link index. Google index about 100 url .After that I clean my site with some tools. My site was free from malware. But Ne
Technical SEO | | Gfound1230 -
Redirect Process for Moving a Blog
Hi, I've read several articles about the correct process for moving a blog from a subdomain to the main root domain but am not quite 100% sure as to what to do in our scenario. They were hosting their blog on Hubspot which puts the blog on a sub-domain "blog.rootdomain.com". Realizing it isn't benefiting the main website for SEO they want to move it to the main website. I understand we have to redirect the Hubspot "blog." pages to the new "rootdomain.com/blog" pages but when transferred over (it's a WordPress site) it shows the dates. So, the URL is "rootdomain.com/blog/year/month/title". They want to remove the date. Does that mean the URL must be re-written then redirected so that there's no date showing? There's over 300 posts which will have to be redirected from the Hubspot URLs. Is there a way to avoid setting up the second redirect to remove the dates or make it easier so it isn't one page at a time?
Technical SEO | | Flock.Media0 -
Has anyone seen direct improvement after April 23 by requesting reinclusion?
Using the open site explorer I have figured out that my former seo agency was buying name spam (mostly Asian sites)for my main keywords and did the same in a private network of blogs. I don't speak any eastern languages and seo Super Dude has left the planet. So... I don't really have much to report to the Google Webmaster folks. How much time - effort- cash do invest in removal requests vs, redo the whole darn site and hope for the best? All the best. Tom
Technical SEO | | tvw1300 -
Malware & Wordpress
Google has identified Malware on on eof our Wordpress sites. In webmaster tools it names the 10 pages where code has been injected. I cant' find them easily via the WP dashboard and wondered if anyone had had any experience of this and what steps they took? Plus are there any measure I can take to fight against this? The site is on the latest WP version. Thanks, Colin
Technical SEO | | NileCruises0 -
Ads above the fold penalty. Should I request reinclusion?
HI! My site has been losing traffic slowly for about 18 months. But it was in January 19 that was hit big time. My site has a lot of ads, including two 300x250 above the fold ads that were very lucrative for me. After January 19, I decided to remove only one ad of those two, but no change was reflected in the traffic. It is obvious that I needed to remove the other ad, but I didn't do it for two reasons. I still earn money from that ad and removing it would result in serious problems. A webmaster friend of mine that was hit too by this penalty, removed the ads and tried all sort of stuff to regain the lost traffic with NO LUCK in several months. He has unique and excellent content. So, after seeing his experience I didn't want to touch my biggest source of income and leave it as it is. My site has other problems that concerns Panda and maybe Penguin, and since yesterday I've been starting to fix them. Is it a good idea to request a reinclusion to check if I was manually penalized, without being previously notified by GWMT of any problem in my site? Thanks in advance, Enrique
Technical SEO | | enriquef0 -
Malware ranking drops
Hi, One of our sites got hit with malware in November. We cleaned it up and sent a reconsideration request and no malware warnings are in WMT anymore. We still haven't seen an improvement in rankings even though people say it can take up to 90days? Organic traffic is down 40% and still dropping. Any advice? Thanks
Technical SEO | | Sayers0 -
How to automate the process of checking the operators
How to automate the process of checking the operators of search teams.
Technical SEO | | meteorr
such as:
inurl:? lang = ru site: tochka.net
inurl: print site: tochka.net
inurl: print site: tochka.net / *
inurl: nomobile = 1 site: tochka.net / *
inurl: comments site: tochka.net
inurl: comments site: tochka.net / *
inurl:? a_aid site: tochka.net ... with the conclusion of the number of pages in the search. There is a program to identify?0