Looking for someone to help with a delisted site after a malicious hack
-
Hello,
My website - www.musillawfirm.com was recently hacked and has been de-listed by google. It had some sort of a crypto mining script on it that I was able to remove. It shows up if you type in the domain but even a generic search for "musil law firm" does not show the site - it used to rank # 1 for that term and #1 or 2 for immigration lawyer in my local area. If anyone can assist me in getting it re-indexed please let me know and let me know how much it would cost. I tried getting it re-indexed through the search console, but no luck.
Thank you kindly
-
Hello
Many sites can help you solve your problem
One of the best hack and security websites in Iran that also provides security services for outsiders is PentestCore whose web site addresses are as follows:
https://pentestcore.com/ -
Ok this is, not a simple process
STEP - 1 Review Warning Status
Your website is blacklisted because Google scanned your site and found harmful behavior. Google needs to protect its users from dangerous websites that show up in their search results. In fact, websites that repeatedly get blacklisted for malicious behavior are limited to only one review every 30 days. That big red splash page (and warnings next to your site in Google's search results) are designed to stop visitors from entering your site. It works, too. Websites lose about 95% of their traffic when blacklisted by Google.
The specific warning message on your site can help you to understand what Google is telling you about the type of security issues they found on your site. This information will be useful in the following sections of this guide.
Here are a few examples of common malware warnings that suggest your hacked website is serving malicious downloads such as viruses, spyware, rootkits, and ransomware. Most browsers use Google's blacklist API, but Microsoft (IE/Edge) have their own. The following images are examples of this kind of blacklist warning from popular browsers.
- Website Malware Warnings
- Website Phishing Warnings
So the first step is to identify which one is your problem
STEP - 2 Fix Blacklist Symptoms
If you use a CMS such as WordPress or Joomla, you can safely rebuild the site using fresh copies of your core files and extensions directly from the official repositories. Custom files can be replaced with fresh a recent backup, as long as it's not infected.
To manually remove a malware infection from your website files:
- Log into your server via SFTP or SSH.
- Create a backup of the site before making changes.
- Search your files for any reference to malicious domains or payloads you noted.
- Identify unfamiliar or recently changed files.
- Restore suspicious files with copies from the official repository or a clean backup.
- Replicate any customizations made to your files.
- Test to verify the site is still operational after changes.
To manually remove a malware infection from your database tables:
- Log into your database admin panel.
- Make a backup of the database before making changes.
- Search for suspicious content (i.e., spammy keywords, links).
- Open the table that contains suspicious content.
- Manually remove any suspicious content.
- Test to verify the site is still operational after changes.
- Remove any database access tools you may have uploaded.
To clean up your user accounts:
Confirm all website user accounts are valid:
- CMS users
- FTP/SFTP/SSH users
- Database administration panels (PHPMyAdmin, etc.)
- cPanel accounts
- Hosting company logins
- Change all passwords for all users.
- Enable two-factor-authentication (2FA) if it is available.
Backdoors commonly include the following PHP functions:
- base64
- str_rot13
- gzuncompress
- eval
- exec
- create_function
- system
- assert
- stripslashes
- preg_replace (with /e/)
- move_uploaded_file
Step 3 Final Steps
To remove the blacklist warning you need to let Google know that you have completely cleared the infection. To do this, you must have a Google Search Console account (formerly Webmaster Tools).
To verify ownership of your website in Google Search Console:
- Open Google Webmaster Central.
- Click Search Console and sign in to your Google account.
- Click Add a site.
- Type in your site's URL and click Continue.
- Verify your site using the Recommended method or Alternate methods options.
- Click Add a site.
- Click Verify.
- Check the Messages section to review any warnings.
_NOTE: THIS JUST A GUIDE BASED ON MY EXPERIENCE, KEEP IN MIND THAT SOME THINGS CAN BE VALID TO YOUR CASE AND OTHERS WILL NOT VALID, ALL DEPENDS ON YOUR CMS, YOUR SERVER CONFIGURATION AND I CAN NOT GIVE YOU A EXACT ADVICE WITHOUT SPECIFIC INFORMATION _
IF THE ANSWER WERE USEFUL DONT FORGET TO MARK IT AS A GOOD ANSWER
GOOD LUCK
-
Thank you! How do I remove it? And how do I ask google to take me off the blacklist?
Thank you
-
I made an audit and your situation does not look ok.
http://www.musillawfirm.com/
Virus: HTTP
Virus: SmallHTTP
Virus: W32/Http.FILESHARE
Virus: W32/HTTP.A!dos
Virus: W32/Kryptik.WWW
Virus: VBS/Doget.HTTP!tr.dldr
Virus: Riskware/TinyHTTP
Virus: W32/NukeHTTP.A!trThe Fortinet Anti-Virus Analyst Team is currently in the process of creating a detailed description for this virus.
HOPE THIS INFO CAN HELP YOU
-
If you have been hacked probably Google put you on a blacklist. So, in that case, you need to clean up your site, and then request an evaluation process on Google. You will need to explain what happened, and what did you about it. I have a case like this a year ago.
Once they make sure you are a secure site, then you will visible again. I try to enter to your website and the firewall is blocking your site.
URL: http://www.musillawfirm.com/
Category: Malicious WebsitesSo, in that case, your site is still insecure or still is on a blacklist or even both.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Google Mobile site crawl returns poorer results on 100% responsive site
Has anyone experienced an issue where Google Mobile site crawl returns poorer results than their Desktop site crawl on a 100% responsive website that passes all Google Mobile tests?
Intermediate & Advanced SEO | | MFCommunications0 -
Google Indexed Site A's Content On Site B, Site C etc
Hi All, I have an issue where the content (pages and images) of Site A (www.ericreynolds.photography) are showing up in Google under different domains Site B (www.fastphonerepair.com), Site C (www.quarryhillvet.com), Site D (www.spacasey.com). I believe this happened because I installed an SSL cert on Site A but didn't have the default SSL domain set on the server. You were able to access Site B and any page from Site A and it would pull up properly. I have since fixed that SSL issue and am now doing a 301 redirect from Sites B, C and D to Site A for anything https since Sites B, C, D are not using an SSL cert. My question is, how can I trigger google to re-index all of the sites to remove the wrong listings in the index. I have a screen shot attached so you can see the issue clearer. I have resubmitted my site map but I'm not seeing much of a change in the index for my site. Any help on what I could do would be great. Thanks
Intermediate & Advanced SEO | | cwscontent
Eric TeVM49b.png qPtXvME.png1 -
Site not showing up in search - was hacked - huge comment spam - cannot connect Webmaster tools
Hi Moz Community A new client approached me yesterday for help with their site that used to rank well for their designated keywords, but now is not doing well. Actually, they are not on Google at all. It's like they were removed by Google. There are not reference to them when searching with "site: url". I investigated further and discovered the likely problem . . . 26 000 spam comments! All these comments have been removed now. I clean up this Wordpress site pretty well. However, I want to connect it now to Google webmaster tools. I have admin access to the WP site, but not ftp. So I tried using Yoast to connect. Google failed to verify the site. So the I used a file uploading console to upload the Google html code instead. I check that the code is there. And Google still fails to verify the site. It is as if Google is so angry with this domain that they have wiped it completely from search and refuse to have any dealings with it at all. That said, I did run the "malware" check or "dangerous content" check with them that did not bring back any problems. I'm leaning towards the idea that this is a "cursed" domain in Google and that my client's best course of action is to build her business around and other domain instead. And then point that old domain to the new domain, hopefully without attracting any bad karma in that process (advice on that step would be appreciated). Anyone have an idea as to what is going on here?
Intermediate & Advanced SEO | | AlistairC0 -
Will Schema help my website?
I'm doing SEO on a website, zing.co.nz, which is a soon to launch company. At the moment there is a splash sight up, which will be replaced by the real sight in a few weeks upon launch. Is it worth me putting in Schemas (for the first time) so that it is recognized as an organization? Will this effect us in the serps? Thanks for your help 🙂
Intermediate & Advanced SEO | | Startupfactory0 -
Site Search Results in Index -- Help
Hi, I made a mistake on my site, long story short, I have a bunch of search results page in the Google index. (I made a navigation page full of common search terms, and made internal links to a respective search results page for each common search term.) Google crawled the site, saw the links and now those search results pages are indexed. I made versions of the indexed search results pages into proper category pages with good URLs and am ready to go live/ replace the pages and links. But, I am a little unsure how to do it /what the effects can be: Will there be duplicate content issues if I just replace the bad, search results links/URLs with the good, category page links/URLs on the navi. page? (is a short term risk worth it?) Should I get the search results pages de-indexed first and then relaunch the navi. page with the correct category URLs? Should I do a robots.txt disallow directive for search results? Should I use Google's URL removal tool to remove those indexed search results pages for a quick fix, or will this cause more harm than good? Time is not the biggest issue, I want to do it right, because those indexed search results pages do attract traffic and the navi. page has been great for usability. Any suggestions would be great. I have been reading a ton on this topic, but maybe someone can give me more specific advice. Thanks in advance, hopefully this all makes sense.
Intermediate & Advanced SEO | | IOSC1 -
Rel=alternate to help localize sites
I am wondering about the efficiency of the rel=alternate tag and how well it works at specifically localizing content. Example: I have a website on a few ccTLD's but for some reason my .com shows up on Google.co.uk before my .co.uk version of my page. Some people have mentioned using rel=alternate but in my research this only seems to be applicable for duplicate content in another language. If I am wrong here can somebody please help me better understand this application of the rel=alternate tag. All my research leads me to rel=alternate hreflang= and I am not sure that is what I want. Thanks,
Intermediate & Advanced SEO | | DRSearchEngOpt
Chris Birkholm0 -
Is it possible to Spoof Analytics to give false Unique Visitor Data for Site A to Site B
Hi, We are working as a middle man between our client (website A) and another website (website B) where, website B is going to host a section around websites A products etc. The deal is that Website A (our client) will pay Website B based on the number of unique visitors they send them. As the middle man we are in charge of monitoring the number of Unique visitors sent though and are going to do this by monitoring Website A's analytics account and checking the number of Unique visitors sent. The deal is worth quite a lot of money, and as the middle man we are responsible for making sure that no funny business goes on (IE false visitors etc). So to make sure we have things covered - What I would like to know is 1/. Is it actually possible to fool analytics into reporting falsely high unique visitors from Webpage A to Site B (And if so how could they do it). 2/. What could we do to spot any potential abuse (IE is there an easy way to spot that these are spoofed visitors). Many thanks in advance
Intermediate & Advanced SEO | | James770