Google Malware Message
-
*Update 9/19/2013
So I finally have more details the site is a joomla site and is hosted on godaddy. The weird thing is the malware message only appears when browsing the site in chrome it comes up fine in internet explorer any specific reason why that would be? Also we noticed that on the joomla template there were about 6 scripts after the tag that were adult site related and have nothing to do with our site, any ideas? I appreciate all/any suggestions and or advice. Thank You.
I had a client recently pay about $300 for a site design that she hosted on go daddy. This is the site www.shirianfabric.com can anyone tell me why this would happen its only been live for about three months and out of no where we get this message? My client is thinking maybe the designer inserted some kind of malicious code?as he is now charging a couple hundred to fix the issue. Is there any way to look further into this? Im not sure a webmasters account was ever set up for this site so any advice would be greatly appreciated. Thanks.
-
Thank You! The site in question had the same malicious scripts detailed here. After finding them and removing them the site is up and running as it should thanks again for the advice.
-
Thank you very much for the links you provided. After doing some research I found some shady scripts on the website templates after removing the scripts everything seemed to work fine. We have changed the login info because unfortunately it looks as if the designer himself inserted the malicious code. Again thanks for the links and the info they got me on the right track.
Below is the malicious script for anyone having similar issues
-
I checked the site, and saw something a bit odd. This link kinda explains the problem, as you have the same code they have identified as a problem.
http://www.oxwall.org/forum/topic/11304
I would recommend in the first instance your client speak to their host. I am not overly sure how good Godaddy is, but I haven't heard good things. The common fix for this is reverting for a backup prior to this event happening.
In addition, once fixed install http://wordpress.org/plugins/better-wp-security/
If you do not have a backup, then try reinstalling wordpress files (keep the database). Delete all plugins, and reinstall from fresh. But for the love of god... take a backup first.
If you need a recommendation for a host try Siteground for specialist Wordpress hosting, or Hostnine for something cheaper, but very good. We use both, but mainly Hostnine for client sites.
-
My web development company (Everbearing Services) moved all of our clients off of Godaddy several years ago because of performance and security issues. There are several other good web hosts out there. The one that I feel is a true gem is one called Zippykid which only hosts word press web sites. They also provide security and malware scanning automatically. They also do all the patches and updates you might need.
They use Rackspace as their back end infrastructure. If your web site is not on Wordpress you might consider these guys. I have read in other posts that a provider Firehost is really good.
I have not seen any good reports on Godaddy lately.
That is my two cents if this helps. If you do not get your questions answered here and need any further help on this feel free to call me tomorrow or Monday.
Ron
-
The dangers of shared servers! If someone else's website on the server has vulnerable script on their site hackers can inject code on other sites on the same server... Remove the malicious code and talk to GoDaddy, hopefully they've picked it up and removed the offending site?
Of course, it could be that GoDaddy don't have the latest security patches installed on their servers and they are the cause!?!
-
Here is a step-by-step of what you could try doing from Cypress North: Hacked? Here's How to Remove the Dreaded Google Malware Warning.
Google also says, "If you're the administrator of a site we've identified with this warning message, learn how webmasters can fix this issue. Note that in some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message."
Good luck.
Mike
-
Set up WBT and Bing web tools. This will tell you whats happening from the malware side of things.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Will Google Judge Duplicate Content on Responsive Pages to be Keyword Spamming?
I have a website for my small business, and hope to improve the search results position for 5 landing pages. I recently modified my website to make it responsive (mobile friendly). I was not able to use Bootstrap; the layout of the pages is a bit unusual and doesn't lend itself to the options Bootstrap provides. Each landing page has 3 main div's - one for desktop, one for tablet, one for phone.
Web Design | | CurtisB
The text content displayed in each div is the same. Only one of the 3 div’s is visible; the user’s screen width determines which div is visible. When I wrote the HTML for the page, I didn't want each div to have identical text. I worried that
when Google indexed the page it would see the same text 3 times, and would conclude that keyword spamming was occurring. So I put the text in just one div. And when the page loads jQuery copies the text from the first div to the other two div's. But now I've learned that when Google indexes a page it looks at both the page that is served AND the page that is rendered. And in my case the page that is rendered - after it loads and the jQuery code is executed – contains duplicate text content in three div's. So perhaps my approach - having the served page contain just one div with text content – fails to help, because Google examines the rendered page, which has duplicate text content in three div's. Here is the layout of one landing page, as served by the server. 1000 words of text goes here. No text. jQuery will copy the text from div id="desktop" into here. No text. jQuery will copy the text from div id="desktop" into here. ===================================================================================== My question is: Will Google conclude that keyword spamming is occurring because of the duplicate content the rendered page contains, or will it realize that only one of the div's is visible at a time, and the duplicate content is there only to achieve a responsive design? Thank you!0 -
What website changes (technical) SEOs can ignore confidently? Google's perspective!
Hi community members, I am looking after SEO at our company and there are lots of changes happening about our website; especially technical changes. It's hard for me to look after every deployment of the website like change of server location, etc. We generally agree that every change related to website must be notified by SEO to understand the ranking fluctuation and how search engines welcome them. I just wonder what technical deployments of a website I could confidently ignore to save time and give a go ahead to technical team without interrupting or waiting for my approval. Thanks
Web Design | | vtmoz1 -
A campaign ghost keeps returning to my Google Analytics - Help!
A couple of campaign tracking links were created on my homepage (leading to internal pages), these were removed a few weeks ago (100% removed from the site). I understand there is a 6 month window and as long as a user returns (no matter from which source) they will be counted as a session against that campaign. Since these campaign links were set-up in error, I hoped creating a fresh new view within Google Analytics would stop them appearing. However they are still showing as sessions even in the new view (created after removing the campaign links in question). Is there anyway to stop this happening!? I want to be able to report on sessions correctly. Thanks, Sam
Web Design | | Sam.at.Moz0 -
Links not visible in "Google cache text version" but visible in "Fetch as Google" in Webmaster tool
Hi Guys, There seems some issue with the coding due to which Google is not indexing half of our menu bar links. The cached text version of http://www.99acres.com/ is not showing links present in dropdown "All India" , dropdown "Advice" and "Hot Projects" tab in blue bar on top menu whereas these links are visible in "Fetch as Google" in Google Webmaster tool. Any clue to why is there a difference between the links shown in Google webmaster and Google cache text version. Thanks in advance 🙂
Web Design | | vivekrathore0 -
No cache meta tags - does it help Google get back and reindex faster?
I saw these meta tags on a site and am trying to figure out their benefit. These meta tags are on the home page, product pages, every page of the site. Will it cause search engine bots to come back and index pages faster? Will it cause slower page loading in browsers if nothing is cached? http-equiv="pragma" content="no-cache"/> http-equiv="cache-control" content="no-cache,no-store,must-revalidate"/> http-equiv="expires" content="0"/>
Web Design | | CFSSEO0 -
New Google SERPS design - What's Changed?
Has anyone noticed any fall out from the recent redesign of SERP pages by Google? I noticed that there appears to be one less organic result "above the fold" now, so if you were possibly in third or fourth position maybe slight dip in traffic? Any noticeable shift in click through rate with the new bigger font? Also, has anyone noticed if the new design has caused any shift in best practices for on-page meta data like Title tag and description tag counts? I know the Title tag was previously driven by the pixel width of the title in Google SERPS, just curious if that has changed with this redesign.
Web Design | | IrvCo_Interactive0 -
Question #1: Does Google index https:// pages? I thought they didn't because....
generally the difference between https:// and http:// is that the s (stands for secure I think) is usually reserved for payment pages, and other similar types of pages that search engines aren't supposed to index. (like any page where private data is stored) My site that all of my questions are revolving around is built with Volusion (i'm used to wordpress) and I keep finding problems like this one. The site was hardcoded to have all MENU internal links (which was 90% of our internal links) lead to **https://**www.example.com/example-page/ instead of **http://**www.example.com/example-page/ To double check that this was causing a loss in Link Juice. I jumped over to OSE. Sure enough, the internal links were not being indexed, only the links that were manually created and set to NOT include the httpS:// were being indexed. So if OSE wasn't counting the links, and based on the general ideology behind secure http access, that would infer that no link juice is being passed... Right?? Thanks for your time. Screens are available if necessary, but the OSE has already been updated since then and the new internal links ARE STILL NOT being indexed. The problem is.. is this a volusion problem? Should I switch to Wordpress? here's the site URL (please excuse the design, it's pretty ugly considering how basic volusion is compared to wordpress) http://www.uncommonthread.com/
Web Design | | TylerAbernethy0 -
Need help setting up google analytics goals / tracking
I don't use Google analytics to see much more than how many visits I'm getting and what sort of keywords people are using to find our site. I'd like to step up my GA skills a bit. I'm wondring if you guys could give me some advice. I've never really set up any GA goals, or used it to track specific things, but I'd like to. Here are a few things off the top of my head that I would like to track. I'm wondring if these are posable in GA, and if someone could give me some feedback on how to track it / set up goals. Thanks.1 1. I'd like to know how many people click play on a video when they are on a page that has a video. 2. I'd like to know how many people are clicking "like" " google plus, etc.) 3. I'd like to know the path people are taking on our site. For instance, if they click a link from Facebook, and go to a landing page, what page are they visiting next..... 4. How long people are staying on the page I would really like to break this down further by people that visit a link I posted on Facebook, or twitter, or from the link on my twitter profile page, etc... Also if there are any other valuable goals / reports that would be useful for a blogger to track I'd appreciate your feedback. Thanks.
Web Design | | NoahsDad0