You have website malware and now you are getting listed on search pages with a warning that visiting your website may harm someone's computer. On top of that when you try to visit your website you get the following type of message:
YIKES! This is the message that strikes fear into every business owner who relies on their website for their business. It's almost impossible to get past the message without finding another link.
Cleaning and disinfecting a website can be very time consuming and costly. Our most recent experience started about a month ago with a hosting client. We first noticed issues when the account started sending out massive amounts of spam. The next thing that happened was our server got blacklisted on spam lists and other users couldn't email to hotmail, Aol, Yahoo, ...etc. The turn of events caused a domino effect which took hours to fix. Once we fixed the problem we had to get delisted from the spam blacklists and then request delisting from each email provider such as Hotmail and Yahoo. FYI getting delisted from Yahoo takes days and they are the slowest to respond. BEWARE!
Malware can hurt your SEO without you even knowing it
We found a lot of malware on the website which can be caused by many things. A website running open source that has outdated software, or simply a weak password to log into their content management system. After disabling the malware we did the following for best practices:
- Update the system with all the latest software
- Change passwords to the Cpanel hosting account login
- Change passwords to all FTP accounts
- Change database passwords
- Review software and run a final scan
This particular client had a Joomla website that was pretty up to date. 99% of the time once we do these things we don't have problems coming back. Unfortunately in this case we weren't so lucky.
If you get blacklisted it can take days for some providers to unblock your domain
The next week I got an email from another client who said they couldn't email Yahoo. After investigating the same website had malware once again. I couldn't believe we didn't stop the problem so we went through the whole process once again. At this point I wasn't so confident and was just hoping we plugged the security holes. We took some precautions such as throttling the outbound emails to 5 per minute in case we saw it happening again.
We talked to the owner and recommended converting to WordPress so we can give better security. Our network has a lot of security built into it and we haven't had any problems in over a year. So we made a plan to start a simple conversion on our monthly plan which is just $99/mo. www.softiredweb.net/pricing
If Google is showing your search results as hacked you have to follow procedures to get delisted
In the middle of the process of moving over all the content to the new website I got a call from the owner. Google was now listing their website as being hacked and warning users to stay away and visiting could harm their computer. Getting blacklisted by Google has even more issues with getting delisted. Once the site is completely cleaned up then you need to submit a request through Search Console to remove the warning. This process can be extremely time consuming.
The good news is that we were able to get the new website up and running fairly quickly. This was fortunate for them but could be very difficult for others.
If you think you may have malware or just want to be sure you won't get any in the future, click below.