Google Malware Message
-
*Update 9/19/2013
So I finally have more details the site is a joomla site and is hosted on godaddy. The weird thing is the malware message only appears when browsing the site in chrome it comes up fine in internet explorer any specific reason why that would be? Also we noticed that on the joomla template there were about 6 scripts after the tag that were adult site related and have nothing to do with our site, any ideas? I appreciate all/any suggestions and or advice. Thank You.
I had a client recently pay about $300 for a site design that she hosted on go daddy. This is the site www.shirianfabric.com can anyone tell me why this would happen its only been live for about three months and out of no where we get this message? My client is thinking maybe the designer inserted some kind of malicious code?as he is now charging a couple hundred to fix the issue. Is there any way to look further into this? Im not sure a webmasters account was ever set up for this site so any advice would be greatly appreciated. Thanks.
-
Thank You! The site in question had the same malicious scripts detailed here. After finding them and removing them the site is up and running as it should thanks again for the advice.
-
Thank you very much for the links you provided. After doing some research I found some shady scripts on the website templates after removing the scripts everything seemed to work fine. We have changed the login info because unfortunately it looks as if the designer himself inserted the malicious code. Again thanks for the links and the info they got me on the right track.
Below is the malicious script for anyone having similar issues
-
I checked the site, and saw something a bit odd. This link kinda explains the problem, as you have the same code they have identified as a problem.
http://www.oxwall.org/forum/topic/11304
I would recommend in the first instance your client speak to their host. I am not overly sure how good Godaddy is, but I haven't heard good things. The common fix for this is reverting for a backup prior to this event happening.
In addition, once fixed install http://wordpress.org/plugins/better-wp-security/
If you do not have a backup, then try reinstalling wordpress files (keep the database). Delete all plugins, and reinstall from fresh. But for the love of god... take a backup first.
If you need a recommendation for a host try Siteground for specialist Wordpress hosting, or Hostnine for something cheaper, but very good. We use both, but mainly Hostnine for client sites.
-
My web development company (Everbearing Services) moved all of our clients off of Godaddy several years ago because of performance and security issues. There are several other good web hosts out there. The one that I feel is a true gem is one called Zippykid which only hosts word press web sites. They also provide security and malware scanning automatically. They also do all the patches and updates you might need.
They use Rackspace as their back end infrastructure. If your web site is not on Wordpress you might consider these guys. I have read in other posts that a provider Firehost is really good.
I have not seen any good reports on Godaddy lately.
That is my two cents if this helps. If you do not get your questions answered here and need any further help on this feel free to call me tomorrow or Monday.
Ron
-
The dangers of shared servers! If someone else's website on the server has vulnerable script on their site hackers can inject code on other sites on the same server... Remove the malicious code and talk to GoDaddy, hopefully they've picked it up and removed the offending site?
Of course, it could be that GoDaddy don't have the latest security patches installed on their servers and they are the cause!?!
-
Here is a step-by-step of what you could try doing from Cypress North: Hacked? Here's How to Remove the Dreaded Google Malware Warning.
Google also says, "If you're the administrator of a site we've identified with this warning message, learn how webmasters can fix this issue. Note that in some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message."
Good luck.
Mike
-
Set up WBT and Bing web tools. This will tell you whats happening from the malware side of things.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Website Form Doesn't Work for Visitors from Google Search App
I've got a strange issue where if visitor is viewing a website from within the Google Search App, the app doesn't seem to be able to handle online forms. The form relies users on entering data, which is then POSTed to an external booking engine site. Normally this works fine, except when Google Search App is acting as the browser, the post payload is empty and the URL breaks. We're a bit stumped as to how to move forward. So far the only lead is that Android users can override having the app behave as a browser - but doesn't seem like iOS users can. Any additional ideas/tips are welcome here - thanks. 🙂
Web Design | | mirabile0 -
A campaign ghost keeps returning to my Google Analytics - Help!
A couple of campaign tracking links were created on my homepage (leading to internal pages), these were removed a few weeks ago (100% removed from the site). I understand there is a 6 month window and as long as a user returns (no matter from which source) they will be counted as a session against that campaign. Since these campaign links were set-up in error, I hoped creating a fresh new view within Google Analytics would stop them appearing. However they are still showing as sessions even in the new view (created after removing the campaign links in question). Is there anyway to stop this happening!? I want to be able to report on sessions correctly. Thanks, Sam
Web Design | | Sam.at.Moz0 -
Fetch data for users with ajax but show it without ajax for Google
Hi, We have a thematic footer which shows similar pages links relevant to the search criteria made on a page. We want to fetch those footer similar links through ajax when users search on site but the links will be shown without using ajax when Google fetches those pages. We want to do this to improve our page load time. The links content & count will be exactly same in both cases whether Google fetches the search pages or user fetches those pages. Will this be treated as negative by Google, Can this have any negative affect on our rankings or traffic. Regards,
Web Design | | vivekrathore0 -
Dealing with the impending Google mobile compliance update - is bMobilized any good as a temporary measure?
We've been caught a bit off guard with the upcoming Google mobile compliance issue and received the warnings in webmasters about fixing mobile usability issues. It will still be some time before we can have the site re-coded as responsive. I have stumbled upon a converter tool (which turns any site into one that's mobile friendly) called bMobilized, which essentially turns your site into one that's mobile friendly. Have you used bMobilized? Is it a safe idea to use this service temporarily until our new responsive site is ready in a few months? Do you have any suggestions for temporarily getting around the mobile compliance issue while our new responsive site is being built? Thanks
Web Design | | Martin_S0 -
Google tag manager on blocked beta site - will it phone home to Google and cause site to get indexed?
We want to develop a beta site, in a directory with the robots.txt blocking bots. We want to include the Google Tag Manager tags and event layer tracking code on this beta site. My question is that by including the Google Tag Manager code, that phones home to Google, will it cause Google to index this beta site when we don't want it indexed?
Web Design | | CFSSEO0 -
Accordion Fold Ups Bad For Google
http://fandicoach.com/products Right now I have these accordion things on the website. Are they bad for google in terms of being an SEO best practice? I want to avoid doing anything black hat. Thanks!
Web Design | | OOMDODigital0 -
Why is Google sending traffic to our homepage, not our optimized pages?
Hello Forum, My team and I just completely redid a yoga eCommerce site, including its SEO. The old version of the site didn't feature page-specific optimization and, as a result, Google's search results for our keywords almost always directed visitors to the homepage. For example, a Google search for the term "yoga bolster" sent users to the homepage, not the product category page for yoga bolsters. After redoing the site and optimizing specific pages (i.e. the yoga bolster page is now optimized for the keyword "yoga bolster"), the Google search results are still taking users to the homepage, not the optimized page. (i.e. if you search for yoga bolster, find our search result, and click the search result link, you're taken to the homepage, not the bolster page) It's only been about 36 hours since we've launched the new website and submitted it to Google's webmaster tools. Does anyone know why Google is still sending people to our homepage and not the keyword-optimized pages we created? Is this a timing issue?
Web Design | | pano0 -
The primary search keywords for our news release network have dropped like a rock in Google... we are not sure why.
Hi, On April 11th, a month after the farmer update was released for U.S. users of Google, the primary keywords for ALL our sites significantly dropped in Google. I have some ideas why, but I wanted to get some second opinions also. First off, I did some research if Google did anything on the 11th of April... they did. They implemented the farmer update internationally, but that does not explain why our ranks did not drop in March for U.S. Google users... unless they rolled out their update based on what site the domain is registered in... in our case, Canada. The primary news release site is www.hotelnewsresource.com, but we have many running on the same server. EG. www.restaurantnewsresource.com, www.travelindustrywire.com and many more. We were number 1 or had top ranks for terms like ¨Hotel News¨, ¨Hotel Industry¨, ¨Hotel Financing¨, ¨Hotel Jobs¨, ¨Hotels for Sale¨, etc... and now, for most of these we have dropped in a big way. It seems that Google has issued a penalty for every internal page we link to. Couple obvious issues with the current template we use... too many links, and we intend to change that asap, but it has never been a problem before. The domain hotelnewsresource.com is 10 years old and still holds a page rank of 6. Secondly, the way our news system works, it´s possible to access an article from any domain in the network. E.G. I can read an article that was assigned to www.hotelnewsresource.com on www.restaurantnewsresource.com... we don´t post links to the irrelevant domain, but it does sometimes get indexed. So, we are going to implement the Google source meta tag option. The bottom line is that I think we put too much faith in the maturity of the domain... thinking that may protect us... not the case and it´s now a big mess. Any insight you can offer would be greatly appreciated. Do you think it was farmer or possibly something else? Thanks, Jarrett
Web Design | | jarrett.mackay0