The Dark Side Of The Internet: What To Do If Your Site Is Attacked!
- Date: 2009-06-11 - Word Count: 709
Share This!
Imagine one morning you log on to your website only to find it has been suspended by Google. Without warning, your informative home page has been replaced by a Google Red Alert page that reads:
Reported Attack Site:
"This web site at YourURL.com has been reported as an attack site and has been blocked based on your security preferences. Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system. Some attack sites intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners."
This article is not intended to scare you, but rather to show you that the Internet can be a very nasty environment and that this could happen to your website at any time.
Internet Wars: May the Google Force Be With You
Generally, malware is installed onto a website because someone hacked into the FTP server or got the login information from the owner's email. More often than not, a website is hacked through your own email account. Therefore, it is extremely important to remove any sensitive information from your email.
Unfortunately, one of our client websites, not hosted by us, was attacked and suspended two months after launch when it was previously Google compliant and functioning perfectly. The site was compromised by a hacker who placed a malicious script or virus (badware) into the coding which could then cause users' computers to be infected. Google then informed us that the solution would be to remove the offending (and usually hidden) content from the web pages, and identify the problem and correct the vulnerability.
Once the site has been fixed and secured, you can request that the warning be removed by visiting My Site's Been Hacked and then asking for a review. If the site is no longer harmful to users, Google will remove the warning and the site will be reinstated.
The Solution to Stopping Badware!
When our client brought the Red Alert to our attention, we thoroughly reviewed the site. We found no obvious badware scripting, but something external triggered the alert. Since we always keep a clean back-up copy of clients' websites, we decided to upload the original files to their ftp site and replace the entire web contents - in essence, performing a clean install. Then we resubmitted it to Google and their partner, Stop Badware for a new review and approval. Even before Google's approval, the site was live at once and functioning properly as soon as we replaced the corrupted files. The offending Red Alert page was gone (hopefully forever).
The Best Place to Find Help
In order to help prevent future attacks, we attached Google Webmaster Tools to monitor the site and its activity. We submitted the site to Badware Busters and informed the client to change his password on their FTP site as a further precaution.
Please understand that badware (aka spyware, malware, adware) can also come in the form of malicious user-contributed content or content from an ad network that has an offending advertiser. If you have unwittingly downloaded badware and your computer is compromised, please visit the Stop Badware site for information on how to remove the offending content. The site is also excellent for tips on cleaning and securing your site and, as in the case of our client, how to submit your site for review and re-approval by Google.
Prevention Tips
There are a few things you can do to prevent badware:
1. Use Mozilla Firefox instead of Internet Explorer, which is more susceptible.
2. Keep your anti-virus software up-to-date
3. Put a firewall on your computer
4. Use physical firewalls by not connecting directly to public IPs
Many hosting providers typically do not find out about malware users until the site is already infected. This is because their security systems are not actively monitoring the system's activity. For trusted hosting providers, we recommend for Apache environment: Web Hosting Logic and Twintel Solutions. For Microsoft environment: Digital Housing.
Knowing that attacks could happen to any site at anytime is a bit disconcerting. It would be great if Google would identify the offending content, or give us 24 hours to correct the problem instead of just a surprise suspension and red alert notice. Never-the-less, being aware of what to do and to act quickly will save you time, worry and money.
Reported Attack Site:
"This web site at YourURL.com has been reported as an attack site and has been blocked based on your security preferences. Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system. Some attack sites intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners."
This article is not intended to scare you, but rather to show you that the Internet can be a very nasty environment and that this could happen to your website at any time.
Internet Wars: May the Google Force Be With You
Generally, malware is installed onto a website because someone hacked into the FTP server or got the login information from the owner's email. More often than not, a website is hacked through your own email account. Therefore, it is extremely important to remove any sensitive information from your email.
Unfortunately, one of our client websites, not hosted by us, was attacked and suspended two months after launch when it was previously Google compliant and functioning perfectly. The site was compromised by a hacker who placed a malicious script or virus (badware) into the coding which could then cause users' computers to be infected. Google then informed us that the solution would be to remove the offending (and usually hidden) content from the web pages, and identify the problem and correct the vulnerability.
Once the site has been fixed and secured, you can request that the warning be removed by visiting My Site's Been Hacked and then asking for a review. If the site is no longer harmful to users, Google will remove the warning and the site will be reinstated.
The Solution to Stopping Badware!
When our client brought the Red Alert to our attention, we thoroughly reviewed the site. We found no obvious badware scripting, but something external triggered the alert. Since we always keep a clean back-up copy of clients' websites, we decided to upload the original files to their ftp site and replace the entire web contents - in essence, performing a clean install. Then we resubmitted it to Google and their partner, Stop Badware for a new review and approval. Even before Google's approval, the site was live at once and functioning properly as soon as we replaced the corrupted files. The offending Red Alert page was gone (hopefully forever).
The Best Place to Find Help
In order to help prevent future attacks, we attached Google Webmaster Tools to monitor the site and its activity. We submitted the site to Badware Busters and informed the client to change his password on their FTP site as a further precaution.
Please understand that badware (aka spyware, malware, adware) can also come in the form of malicious user-contributed content or content from an ad network that has an offending advertiser. If you have unwittingly downloaded badware and your computer is compromised, please visit the Stop Badware site for information on how to remove the offending content. The site is also excellent for tips on cleaning and securing your site and, as in the case of our client, how to submit your site for review and re-approval by Google.
Prevention Tips
There are a few things you can do to prevent badware:
1. Use Mozilla Firefox instead of Internet Explorer, which is more susceptible.
2. Keep your anti-virus software up-to-date
3. Put a firewall on your computer
4. Use physical firewalls by not connecting directly to public IPs
Many hosting providers typically do not find out about malware users until the site is already infected. This is because their security systems are not actively monitoring the system's activity. For trusted hosting providers, we recommend for Apache environment: Web Hosting Logic and Twintel Solutions. For Microsoft environment: Digital Housing.
Knowing that attacks could happen to any site at anytime is a bit disconcerting. It would be great if Google would identify the offending content, or give us 24 hours to correct the problem instead of just a surprise suspension and red alert notice. Never-the-less, being aware of what to do and to act quickly will save you time, worry and money.
Related Tags: malware, badware, web success team, badware busters, fix hacked site, hacked ftp site, hacked website, my sites hacked, stop badware, submit site to google
SPECIAL Solopreneur Package: Jump Start Your BusinessThe Web Success Team is offering a Solopreneur Package that will turn your business into an effective marketing hub. It includes a custom 5-page direct response website fully branded and optimized for Search Engines with 6-months of online marketing, social networking, blogging and more. Call 818-222-5643 or email Bob Your Article Search Directory : Find in Articles
Recent articles in this category:
- What Is Spyware?
If you use a computer then there are certain things that you have to be educated about. Spyware is o - There's No Such Thing As The Perfect Password
Even though you can get advice on how to create the perfect password, it's important to realize that - Shopping Online For Contacts: Security And Privacy
The Fairness to Contact Lens Consumer Act, signed into law in 2004, empowered lens wearers with the - Step-by-step Procedure Of Ssl Certificate Installation
SSL certificates are used to transfer the private data entered on the user computer to the website o - Software Protection Versus Code Obfuscation - Stable Software Protection
Security of intellectual property is crucial for every business in today's modern reality. Competiti - Portable Mini Digital Video Recorder
Portable Mini Digital Video Recorder is one of the world's smallest high-resolution mini Digital Vid - Protecting Domain Name From Cyber Squatting And Hijacking
Before I go into details about protecting domain name you should first know that there is no busines - Finding Email Senders Using Reverse Email Lookup
Most of our email inboxes are flooded with so many solicited and unsolicited messages that it's ofte - Confidentiality With Secure Email
Confidentiality, in any business, is among the most significant key in order to keep a client. There - Covering Your Computer's Footprints
When you delete a file, email, or piece of internet history on your computer, where do you think it
Most viewed articles in this category:
- How Does Ssl Fit Into the Over Scheme of Internet Security?
Internet has become an integral part of our life. Most of us prefer to do maximum amount of transact - Tips of Security
Protecting private information Information is the lifeblood of most, if not all, modern organis - Your Security Awareness Iq
Article about security awareness: Are you aware of the need for security? Your awareness o - Information Security Endangered
Sour time is coming. Spy programs are stealing information more easily. The reason is weak algorithm - Internet Attack Methods
The U.S. Government's National Information Assurance Glossary defines Information Security as: Prote - Computer Viruses
In information security , computer virus is a manmade program or piece of code that is loaded onto y - The Top 7 Threats to your Computer in 2007
Now that the holidays are behind us, the cost-conscious among us will be looking for those "post-hol - In Reality, Spyware is Always a Threat
I received a spam email the other day and the subject said "Tired of reality shows? Make your ow - Security Using Public Internet Array Access
Internet comes to peoples lives and then suddenly comes truth, that WE CAN'T LIVE WITHOUT INTERNET. - Anti-virus Software Comparison Test
Virus.gr tested quite a few different software companies to see how they would stack up against each