Welcome to WebmasterWorld Guest from 54.145.205.178

Forum Moderators: phranque

Message Too Old, No Replies

Receive a malware notification from Google

Just received a malware notification but have no idea what went wrong

     
9:12 am on Jun 4, 2009 (gmt 0)

Junior Member

10+ Year Member

joined:May 27, 2006
posts:41
votes: 0


I have just received a malware notification from Google today, claiming that my site has suspicious content and they will put a warning in their search result. I checked the Stopbadware guidelines but could not find any problem with my site. A Google diagnosis also confirmed that there was no suspicious content or malicious software hosted in my site over the past 90 days. The only problem is my site is hosted in a network of >40000 sites and some of them have suspicious content that can download malware to the visitors' computers. My site is hosted in a shared server so I can't control the content of the other sites (and these sites may or may not know they serve suspicious content themselves). I wonder if the more experienced webmasters can suggest ways to tackle this problem. I have already contacted my hosting company and asked Google for a site review and explained the situation.

Thanks in advance for your help.

9:53 am on June 4, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month

joined:July 29, 2007
posts:1756
votes: 83


Check your server logs for suspicious activity on your site. Check your code to make sure you haven't allowed a widget of some kind permission to execute code (I see this on wordpress sites that allow php execution inside articles but forget that widgets in the sidebar can execute it too).

If the problem is not on your site talk to your host, they can most readily find the problem site on your shared server and remove it. File a complaint if you have to, your service is being affected.

10:04 am on June 4, 2009 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member piatkow is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 5, 2006
posts:3360
votes: 31


Did you check the message headers to make sure that the notification itself was genuine?
8:28 am on June 5, 2009 (gmt 0)

Junior Member

10+ Year Member

joined:May 27, 2006
posts:41
votes: 0


I found out that my site was hacked. The attack was on the server side. I checked all files in my own computer and they are okay, but someone put a javascript code in the index page of one subdomain and the main domain. I have removed the script and Google has removed the warning too. My hosting company said I needed to take care of my own content and they did not think it was their fault. I use Dansie shopping cart, it is the only script (CGI script) I installed in my account. So I don't know if this is the problem. When you have several subdomains, it is really hard to detect any suspicious codes at first.
9:14 am on June 5, 2009 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:7163
votes: 443


it is really hard to detect any suspicious codes at first.

But the head's up has been given. This maintainance/housekeeping is something you'll have to do "forever".

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members