How To Remove Malware From A Website
Uh oh, the dreaded “This site may harm your computer”.
Welcome to hacks, malware, phishing and a total pain in the ass.
I did done gone and got hacked innit!
Not this site, but another Bluehost hosting account that had coming up for 50 sites on it. A few goodies, a lot of baddies, and many that have not been touched for many a year. I do like to keep ’em though, just in case 😉
This post will hopefully not be something that you need now, but bookmark it, you may well need it at some point in the future. When I woke up yesterday morning by the Wife screaming “We have been hacked”, I knew I was not in for a fun day.
I have zero technical knowledge about the back end of how hosting works, coding, and anything that involves any degree of tech savvy whatsoever, so I was not looking forward to the rest of yesterday. SEO Tips, fine, technical know-how, not so fine.
So, let’s begin.
For those with no tech savvy or even if you do then I found a few cool things that ease you along with the process. I had malware infections on nearly every single install of WordPress and each of then had to be deleted.
Remove Malware From Hosting Account
First thing is to log in to your hosting account and change the password.
Next, you want to protect your Interwebs by going to http://sitecheck.sucuri.net/scanner/# and oh what a dream find this was for me. I had already spent hours yesterday morning looking at wordpress installs on my hosting, going in to untold files and to be honest not really even knowing what the hell I was looking for.
Some piece of code that was making a hidden iframe that was infecting users computers if they went to my site apparently. Not that anyone did with a great honking “This site may harm your computer” showing up under nearly all sites in the serps.
So, paste your domain url in to sucuri and wait for the results.
For me it was a lifesaver.
Not only does it tell you exactly what the malware code is it tells you exactly what file it is in in your hosting.
Navigate to that file in your hosting and then press ctrl f and paste in the malware code that you have been given by sucuri. It will then be highlighted in the file and you just have to delete it. If the file contains only the malware code then just delete the file. I had a mix of both.
Once you have gone through all of your sites then you need to ensure that all your sites are totally up to date. Log in to each one as normal and change the password to the site. Then update every plugin, theme and WP install to the latest version.
And remember to do it regularly. As soon as these things get new versions there are apparently tons of backdoors for hackers to manipulate to make your life a total misery.
How To Get This Site May Harm Your Computer Removed By Google
Do You Have To Verify A Site In Google Webmaster Central To Get Malware Warning Removed
For whatever reason you may not wish to add a ton of sites in to Google Webmaster central, verify them and then ask them to remove the note about your site harming or infecting other peoples computers.
I searched around for an age yesterday seeing if you had to do this or not. Basically everyone I could find said that to remove this warning from your site listing in the the serps you had to apply for it to be removed by Google by having a G Webmaster account.
So, just for you guys me and Wifey did a little experiment. She carried out the procedure everyone said you had to do in Google. I submitted one to another great find, http://www.stopbadware.org/home/reportsearch which tells you if your site is in their bad books, and Googles and others too. They then check out your site and will inform the big G to remove the warning from the serps if it is now clean.
For the rest of our sites we did nothing but clean them up.
So, today, the sites that were put in to Google Webmaster and stopbadware were back to normal. Same position in the serps, no warning and all good. About half of the sites that we did nothing to apart from clean up also have the warning removed. The rest we submitted to stopbadware this morning so they should be good by tomorrow.
So, just a quick run through of what I did and those two links are invaluable, no affiliation to me in any way, just good stuff. I am sure there is a ton of stuff that many of you guys know about when it comes to this sort of thing but for us thickies I hope this helped, or helps in the future.
Stick to just a few sites per hosting account. If one gets hacked then the rest may too. For the sake of a few extra dollars a month I would get more hosting and stick to 10 or so sites per account. Something I hadn’t done. It just means that if you are remiss about updating WP or plugins, or anything else that can go wrong, and your account gets hacked you have fewer sites to sort out.
UPDATE: I recommend wp twin to backup and clone your sites once they are clear of infection. See Wifey’s WP Twin review for more details.
My recommendations are on the Tools page.
Ensure that you update WP and plugins asap and never leave old versions up, it is how the buggers can get you.
And lastly don’t believe everything that you read. Everything I could find said you had to ask for the malware notice to be lifted by verifying a site in Google Webmaster, and this is absolutely not the case.
Coming up next I have a post that is going to tell you how I jumped from bottom of page 4 to middle of page two for a tough term that is keyword targeted on a single page of a general niche site in under a week. It is old skool in the extreme but it still amazes me how many people fail to use this simple technique to boost their rankings. If all else has failed for you then this is going to be golden. You should pretty much see guaranteed upwards serps movement for any term you may wish to rank for, unless it is for something ridiculously tough, even then you may be surprised.
And it was all done with 10 links pointing to the page too.