Familiar with the malware reinclusion process?
-
One of our sites was haXX0red and at the moment I'm thinking it was a non-updated paid for WP plugin using the old version of timthumb.
While not important to my question, the hack included .htaccess files in all the /uploads/ to redirect to a site (tonycar dot com) which I assume installed some sort of malware or spyware.
I changed all ftp and admin log ins, updated the timthumb files and deleted all the .htaccess files, for added measure I've currently made the upload folders read only.
I've requested a review through webmaster tools and the image that WMT claimed to be an issue has been removed as being an issue. That is to say if I clicked on the malware warning in WMT, it told me imagex.jpg was a problem and now it doesn't tell me anything is an issue, though the malware warning still persists.
As I no longer have any indication as to what (if anything) is wrong, I tried going through some contacts at adwords to no avail, though they have said there's a note saying there's no malware currently on the site (I'm hoping that's by them and not just my reinclusion request).
Assuming the all mighty G is now satisfied there's no malware on the site (or being processed by the site), does anyone have any idea how to get rid of the warning?
Alternatively if the warning is accurate, how can I find out what's being effected?
-
It's a waiting game at this point. If they don't find problems then ask for reinclusion again. Wait 24 hours between asking for reinclusion & seeing if Google reports new problems.
-
If Google's stopped telling me what the problem files are, any idea how to find out what they are seeing?
I think I've plugged the problem and removed the suspicious files, but I can't really be sure.
-
I ran into an issue with malware once and Google was very responsive during the process. Each time I asked for reinclusion the request was responded to within 24 hours.
I say "each time" because this particular piece of malware infected random files across an entire dedicated server hosting a great deal of websites. After I became aware that the problem was impossible to solve manually, I wrote a script to detect and remove all traces of the malware. At this point it was my 5th request I believe, and there was no problem with Google approving my request.
There are scanners you can use but during my look at them, I didn't find any reliable free ones. Hopefully you got it all and won't need to pay for anything.
Wonderful people, these malware creators. Best of luck.
-
It should go away on it's own once you removed all the offending malware code from your site.
Call your hosting company and they will scan your site and remove the malware for you. A lof of people don't know that their hosting company will be more than happy in assisting removing hacks or viruses present on your sites at no charge. It's probably still on your site if you're still getting the message days later.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Old pages not mobile friendly - new pages in process but don't want to upset current traffic.
Working with a new client. They have what I would describe as two virtual websites. Same domain but different coding, navigation and structure. Old virtual website pages fail mobile friendly, they were not designed to be responsive ( there really is no way to fix them) but they are ranking and getting traffic. New virtual website pages pass mobile friendly but are not SEO optimized yet and are not ranking and not getting organic traffic. My understanding is NOT mobile friendly is a "site" designation and although the offending pages are listed it is not a "page" designation. Is this correct? If my understanding is true what would be the best way to hold onto the rankings and traffic generated by old virtual website pages and resolve the "NOT mobile friendly" problem until the new virtual website pages have surpassed the old pages in ranking and traffic? A proposal was made to redirect any mobile traffic on the old virtual website pages to mobile friendly pages. What will happen to SEO if this is done? The pages would pass mobile friendly because they would go to mobile friendly pages, I assume, but what about link equity? Would they see a drop in traffic ? Any thoughts? Thanks, Toni
Technical SEO | | Toni70 -
GSC: Change of Domain Not Processed, Despite Saying "Approved"?
Hi folks, I've just completed a straightforward olddomain -> newdomain migration. All the redirects were done on 7th Feb. I submitted the change of domain request on 7th Feb. All seemed fine - as can be seen in the attached. It's now 19th March and our pals at GSC are still saying that the domain migration is ongoing. I've never had this take so long before; 2-3 days tops. Their results are tanking as I can't geo target and more features in GSC are out of action as it's 'locked' due to this migration (I just get a screen as per the attached). Thoughts? Shall I risk withdrawing the request and starting anew? The old "turn it off and on again"? Thanks! hJXKC
Technical SEO | | tonyatfat0 -
Best SEO service/process to harness the power of quality backlinks?
What/who would you recommend for those looking for a strategy around realizing the benefits of high quality back links? We have tons of earned links from DA 90+ sites, but don't think we are realizing the full benefit due to onsite issues. We have scraper sites outranking us. Would it be a technical on page audit? Any guidance appreciated.
Technical SEO | | loveit0 -
How to fix Google index after fixing site infected with malware.
Hi All Upgraded a Joomla site for a customer a couple of months ago that was infected with malware (it wasn't flagged as infected by google). Site is fine now but still noticing search queries for "cheap adobe" etc with links to http://domain.com/index.php?vc=201&Cheap_Adobe_Acrobat_xi in web master tools (about 50 in total). These url's redirect back to home page and seem to be remaining in the index (I think Joomla is doing this automatically) Firstly, what sort of effect would these be having on on their rankings? Would they be seen by google as duplicate content for the homepage (moz doesn't report them as such as there are no internal links). Secondly what's my best plan of attack to fix them. Should I setup 404's for them and then submit them to google? Will resubmitting the site to the index fix things? Would appreciate any advice or suggestions on the ramifications of this and how I should fix it. Regards, Ian
Technical SEO | | iragless0 -
Our Panda Content Audit Process
We've put together this process over the past year that has shown success when it comes to sites that appear to be hit by Panda. The idea was to put together a process that would allow us to give our clients an understanding of the problem at hand and metrics we can use to explain how recovery is going. Would love to hear your opinion or if you have a different/similar strategy.
Technical SEO | | eyeflow1 -
404 or 503 Malware Content ?
Hi Folks When it comes to malware , if I have a site that uses iframe to show content off 3rd party sites which at times gets infected. Would you recommend 404 or 503 ing those pages with the iframe till the issue is resolved ? ( I am inclined to use 503 .. ) Then take the 404/503 off and ask for a reindex ( from GWT malware section ) OR Ask for a reindex as soon as the 404/503 goes up. ( I do understand we are asking to index as non existing page , but the malware warning gets removed ) PS : it makes sense for this business to showcase content using iframe on these special pages . I do understand these are not the best way to go about SEO.
Technical SEO | | Saijo.George0 -
Malware & Wordpress
Google has identified Malware on on eof our Wordpress sites. In webmaster tools it names the 10 pages where code has been injected. I cant' find them easily via the WP dashboard and wondered if anyone had had any experience of this and what steps they took? Plus are there any measure I can take to fight against this? The site is on the latest WP version. Thanks, Colin
Technical SEO | | NileCruises0 -
Duplicate exact match domains flagged by google - need help reinclusion
Okay I admit, I've been naughty....I have 270+ domains that are all exact match for city+keyword and have built tons of back links to all of them. I reaped the benefits....and now google has found my duplicate templates and flagged them all down. Question is, how to get the reincluded quickly? Do you guys think converting a site to a basic wordpress template and then simply using 275 different templates and begging applying each site manually would do it, or do you recommend. 1. create a unique site template for each site 2. create unique content any other advice for getting reincluded? Aside from owning up and saying, "hey i used the same template for all the sites, and I have created new templates and unique content, so please let me back".
Technical SEO | | ilyaelbert3