Site Blacklisted
-
Good morning.
Just done my WMT ritual morning check and one of my sites has been blacklisted for malware.
It's a wordpress site - I've run various scans, e.g. http://sitecheck.sucuri.net/scanner/ and also installed wordfence and scanned with that and wordfence produced some offending files which I have now deleted.
I've also installed website defender in the hope that it wont happen again. I'm pretty good with staying on top of updates and rarely let a few days pass without upgrading new version of wordpress or plugins etc. I've also checked my users to make sure no new admins or anything and also changes passwords.
I've asked for a review from Google and just wondered how long these reviews take?
Also, has anybody got any advice, is there anything else I should be doing?
Thanks
-
That is good to hear, Jo.
Thanks for letting us know. feedback is good.
Be vigilant, because the hackers never stop.
My dedicated server constantly has hackers trying to break in, mostly chinese and russians. Complex passwords and countermeasures keep us safe, but it only takes one weak link somewhere to break it all down.
-
Thanks all for your help, I was de-blacklisted this afternoon - phew.
-
The webserver log is what you need.
You may be able to see that in Cpanel, depending on how it is configured.
The log may also be in the document root, updated daily and compressed.
If you haven't looked at logs before, it can be difficult to determine what is really going on in there.
-
I didn't check the dates
The site is less than a month old though.
When you say logs, I'm not entirely sure what I'm looking for. I use cpanel so have access to various logs, but I have to admit, I haven't spent any time in there and now I'm conscious that this is something I need to educate myself on quick.
Any suggested resources for which logs to use for what?
-
Jo,
before you removed the bad files, did you check the dates?
If you have logs, you could go back to see when those files were first accessed.
Then go backwards looking for activity that doesn't look normal.
That could tell you where the problem is.
-
Thanks, I'm not so sure! I'm a freelancer and I wok on my own so I have nobody to really bounce ideas off, so this community is great for that. Glad to know I'm doing it right
I'm not a bit lover of plugins and I try to keep to a minimum, but I've removed anything unessential - even my beloved Flare sharing buttons, for now anyway.
I'll let you know when Google come back to me
-
I just want to reiterate what Andy said about sitespeed as well, try to have as little plugins as possible.
When you visit a WP site and its super slow, its usually because they have gallery plugins and all sorts running which sucks the life out of the sitespeed.
Anyway, good luck seems as though you know what your doing anyway.
-
Thanks all for your responses, much appreciated.
I installed the timthumb vulnerability scanner and it says no instances were found.
I'm going to go through and ditch the unnecessary plugins...I use woocommerce and they have recent upgrade but its not compatible with my theme so I can't update it, which is a giant pain. I hope its not that.
Thanks for your help.
-
Agree
-
I think you have already done quite a bit.
I suppose just be a little more selective which plugins you install, some have holes in and once the word is out about particular holes in certain plugins these people will come looking for blogs with it installed.
-
Hello Jo.
Do you know exactly how they got in?
If not, here is one possibility:
Check to see if you have a copy of timthumb.php
If you do, and it is an old version, it has a vulnerability you must fix, otherwise it will happen again.
Here is information about that, including a scanner that should find and fix that problem.
<cite>wordpress.org/extend/plugins/timthumb-vulnerability-scanner/</cite>
-
in my experience, and i've a fair bit with WP, the majority of malware comes from plugins which get updated and become infected themselves. Wordfence certainly can help with this problem, but a regular securi scan will too.
My advice is deactivate and uninstall any plugins you don't really need or use - this will make the site faster and more secure.
Once the malware has gone you can do as you have and ask for relisting or wait it out, google will come back and check. Manual reviews will take a few days to come back I believe, though it depends on the nature of the malware - if its believed to be complex it will be manual if its just one file being "naughty" a robot may scan your site to take a look that it's gone and it could be up in 24-48 hours.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Are on-site content carousel bad for SEO?
Hi, I didn't find an answer to my question in the Forum. I attached an example of content carousel, this is what I'm talking about. I understand that Google has no problem anymore with tabbed contents and accordeons (collapsible contents). But now I'm wondering about textual carousels. I'm not talking about an image slider, I'm talking about texts. Is text carousel harder to read for Google than plain text or tabs? Of course, i'm not talking about a carousel using Flash. Let's say the code is proper... Thanks for your help. spfra5
Technical SEO | | Alviau0 -
Site hacked in Jan. Redeveloped new site. Still not ranking. Should we change domain?
Our top ranking site in the UK was hacked at the end of 2014. http://www.ultimatefloorsanding.co.uk/ The site was the subject of a manual spam action from Google. After several unsuccessful attempts to clean it up, using Securi.net and reinstating old versions of the site, changing passwords etc. we took the decision to redevelop the site. We also changed hosting provider as we had received absolutely no support from them whatsoever in resolving the issue. So far we have: Removed the old website files off the server Developed a new website having implemented 301's for all the old URL's (except the spam ones) Submitted a reconsideration request for the manual spam action, which was accepted. Disavowed all the spammy inbound links through Webmaster Tools Implemented custom URL parameters through Google to not index the SPAM URLs ( which were using parameters) Our organic traffic is down by 63% compared to last year, and we are not ranking for most of our target keywords any longer. Is there anything that I am missing in the actions I have taken so far? We were advised that at this stage changing domain and starting again might be the way to go. However the current domain has been used by us since 2007, so it would be a big call. Any advice is appreciated, thanks. Sue - http://www.ultimatefloorsanding.co.uk/
Technical SEO | | galwaygirl0 -
Duplicate Content within Site
I'm very new here... been reading a lot about Panda and duplicate content. I have a main website and a mobile site (same domain - m.domain.com). I've copied the same text over to those other web pages. Is that okay? Or is that considered duplicate content?
Technical SEO | | CalicoKitty20000 -
404 Errors After Site Migration
Hello - I'm working on a website selling fashion accessories. The site just went through a site migration from Yahoo! to Big Commerce. Now we have a high level of warnings and errors from the crawl. Few are mentioning sites I never seen before on the Yahoo! platform. I also notice that the pages crawled has doubled. How can I fix or did I do something wrong with migration? I was running the website with minimal errors and now overwhelmed with errors all the error updates. If I can get some assistance on what could be wrong, I would greatly appreciate. Thanks.
Technical SEO | | ShopChameleon0 -
What to do next with my site gamblingsites.co
So I have this site gamblingsites.co, which I launched about a year ago (I think.) This used to be internetgamblingsites.net (a domain I bought, but never managed to get in the index, and it appeared to violate the T/Cs after asking in GWMT) and before that the site used to be casinowarehouse.eu. After moving to gamblingsites.co, the pages were indexed almost instantly. I kept a 301 in place until today as I had some links pointing to internetgamblingsites.net. Now, until a few weeks ago, everything was fine. The site was ranking top 10 for gambling sites (8-10) and I had some traffic everyday. This site wasn't my top priority, so besides adding new unique content, I didn't do much with it. In each case no shady link building or what-so-ever. On February first of this year, however, it lost all of its rankings, and I have no idea why. Much worse site appear in the top 50, where a sub page of my site appears somewhere on the 9th SERP for keyword 'gambling sites.' Last week I started contacting some people and asked them to update my links. I also used my own sites (all on unique hosting accounts) to build some branded links, i.e. 'GamblingSites.co' and similar terms to down tune the exact match. I also decreased the instances of the exact match on the homepage, to avoid over optimization. Finally, I removed the 301 from internetgamblingsites.net, since the better links have been changed (or are about to get changed soon.) Now, couple of days later... no changes, but it's probably to early to judge. My question to you: "What would you do next, to try to save the site and at least get some traffic to it?" Thank you for your help, Giorgio PS: Feel free to ask for more information.
Technical SEO | | VisualSense0 -
Site not indexing correctly
I am trying to figure out what is going on with my site listings. Google is only displaying my title and url - no description. You can see it when you search for Franchises for Sale. The site is www.franchisesolutions.com. Why could this happen? Also I saw a big drop off in a handful of keyword rankings today. Could this be related?
Technical SEO | | franchisesolutions0 -
Will training videos available on the "members only" section of a site contribute to the sites ranking?
Hello, I got asked a question recently as to whether training videos on the deeper pages of a website (that you can only access if you are a member and log in) will help with the sites ranking. On the SEOMoz software these deeper pages have been crawled as far as I can tell with errors reported on pages from the "members only" section of the site, leading me to believe the members only pages and their content will contribute to the sites overall ranking profile. I have suggested uploading the informational videos on the main pages of the site for now, making them accessible to all visitors and putting them in a more obvious place to encourage more sharing and views, however I've also said I would check it out with some experts so any information will be greatly appreciated! Many thanks 🙂 Charlotte
Technical SEO | | CharlotteWaller0 -
UK and USA site versions
We have a UK site selling our product and we are due to appoint a reseller in the USA, they require a .com domain, which makes sense and they also would like to see American spellings etc and currency. also we feature heavily in pubs and they want this referred to as "bars" so there are a few tweaks here and there but mainly just slight variations on spelling and terminology. These are only minor adjustments to our current site, what is the best way of achieving this without falling foul of duplicate content issues.
Technical SEO | | IPIM0