The Dark Side Of The Internet: What To Do If Your Site Is Attacked!


by Bob Speyer - Date: 2009-06-11 - Word Count: 709 Share This!

Imagine one morning you log on to your website only to find it has been suspended by Google. Without warning, your informative home page has been replaced by a Google Red Alert page that reads:

Reported Attack Site:

"This web site at YourURL.com has been reported as an attack site and has been blocked based on your security preferences. Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system. Some attack sites intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners."

This article is not intended to scare you, but rather to show you that the Internet can be a very nasty environment and that this could happen to your website at any time.

Internet Wars: May the Google Force Be With You
Generally, malware is installed onto a website because someone hacked into the FTP server or got the login information from the owner's email. More often than not, a website is hacked through your own email account. Therefore, it is extremely important to remove any sensitive information from your email.

Unfortunately, one of our client websites, not hosted by us, was attacked and suspended two months after launch when it was previously Google compliant and functioning perfectly. The site was compromised by a hacker who placed a malicious script or virus (badware) into the coding which could then cause users' computers to be infected. Google then informed us that the solution would be to remove the offending (and usually hidden) content from the web pages, and identify the problem and correct the vulnerability.

Once the site has been fixed and secured, you can request that the warning be removed by visiting My Site's Been Hacked and then asking for a review. If the site is no longer harmful to users, Google will remove the warning and the site will be reinstated.

The Solution to Stopping Badware!
When our client brought the Red Alert to our attention, we thoroughly reviewed the site. We found no obvious badware scripting, but something external triggered the alert. Since we always keep a clean back-up copy of clients' websites, we decided to upload the original files to their ftp site and replace the entire web contents - in essence, performing a clean install. Then we resubmitted it to Google and their partner, Stop Badware for a new review and approval. Even before Google's approval, the site was live at once and functioning properly as soon as we replaced the corrupted files. The offending Red Alert page was gone (hopefully forever).

The Best Place to Find Help
In order to help prevent future attacks, we attached Google Webmaster Tools to monitor the site and its activity. We submitted the site to Badware Busters and informed the client to change his password on their FTP site as a further precaution.

Please understand that badware (aka spyware, malware, adware) can also come in the form of malicious user-contributed content or content from an ad network that has an offending advertiser. If you have unwittingly downloaded badware and your computer is compromised, please visit the Stop Badware site for information on how to remove the offending content. The site is also excellent for tips on cleaning and securing your site and, as in the case of our client, how to submit your site for review and re-approval by Google.

Prevention Tips
There are a few things you can do to prevent badware:

1. Use Mozilla Firefox instead of Internet Explorer, which is more susceptible.
2. Keep your anti-virus software up-to-date
3. Put a firewall on your computer
4. Use physical firewalls by not connecting directly to public IPs

Many hosting providers typically do not find out about malware users until the site is already infected. This is because their security systems are not actively monitoring the system's activity. For trusted hosting providers, we recommend for Apache environment: Web Hosting Logic and Twintel Solutions. For Microsoft environment: Digital Housing.

Knowing that attacks could happen to any site at anytime is a bit disconcerting. It would be great if Google would identify the offending content, or give us 24 hours to correct the problem instead of just a surprise suspension and red alert notice. Never-the-less, being aware of what to do and to act quickly will save you time, worry and money.

Related Tags: malware, badware, web success team, badware busters, fix hacked site, hacked ftp site, hacked website, my sites hacked, stop badware, submit site to google

SPECIAL Solopreneur Package: Jump Start Your BusinessThe Web Success Team is offering a Solopreneur Package that will turn your business into an effective marketing hub. It includes a custom 5-page direct response website fully branded and optimized for Search Engines with 6-months of online marketing, social networking, blogging and more. Call 818-222-5643 or email Bob

Your Article Search Directory : Find in Articles

© The article above is copyrighted by it's author. You're allowed to distribute this work according to the Creative Commons Attribution-NoDerivs license.
 

Recent articles in this category:



Most viewed articles in this category: