Click Here!
Results 1 to 5 of 5
Like Tree2Likes
  • 2 Post By KingThomas

Thread: Any Website experts on Dealing with Malware?

  1. #1
    waxing poetic Hipcheck's Avatar




    Join Date
    Apr 2001
    Posts
    30,869
    Liked
    1816 times
    Karma
    1020000
    Mentioned
    17 Post(s)
    Tagged
    0 Thread(s)
    Quoted
    219 Post(s)

    Default Any Website experts on Dealing with Malware?

    My bros website keeps getting hacked and infected with Malware and its driving him nuts. Any help?
    "How Dare You Trump My Clever Witticism"

    Click 4 LGK INTERNET RADIO ARCHIVE

  2. #2
    Bring on Vancouver! USCKingsFan31's Avatar




    Join Date
    Oct 2005
    Posts
    7,384
    Liked
    1922 times
    Karma
    1370828
    Mentioned
    14 Post(s)
    Tagged
    0 Thread(s)
    Quoted
    262 Post(s)

    Default

    By "hacked and infected with malware", do you mean that his post and page comment sections are getting flooded with spam?

  3. #3
    waxing poetic Hipcheck's Avatar




    Join Date
    Apr 2001
    Posts
    30,869
    Liked
    1816 times
    Karma
    1020000
    Mentioned
    17 Post(s)
    Tagged
    0 Thread(s)
    Quoted
    219 Post(s)

    Default

    Actually, every time you try and go to his site it is showing a malware warning.
    "How Dare You Trump My Clever Witticism"

    Click 4 LGK INTERNET RADIO ARCHIVE

  4. #4
    Everybody relax, I'm here KingThomas's Avatar




    Join Date
    Feb 2004
    Posts
    1,546
    Liked
    671 times
    Karma
    1083004
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quoted
    85 Post(s)

    Default

    If the site is hacked, that really sucks! What kind of site is it - Static HTML pages, or dynamic content from a database and programming language (php, asp, ect)?

    First things last. Take the site offline! Nothing will ruin traffic, seo, return visits, ect quicker than a malware warning. Also there's an ethical responsibility as the site admin to keep the webz free of malicious software, as much as possible.

    B - Completely restructure all credentials; usernames, emails, and passwords associated with everything from hosting, database, content management back-end admin, and 3rd party reporting tools.

    3 - Clean the code, or install a backup (please tell me there's backups?) to a few weeks before the time the malware notice showed up. If you have to manually clean code, this could be pretty rough if you don't know what you're looking for.

    A static HTML site should be relatively easier than most sites. Look for javascript, iframes, forms, and links that don't belong. If its a custom asp site or a php package like wordpress or joomla, crawling through the code may be a bit tougher. If the latter, again please tell me there are backups! If you want, with backups, you can quickly compare versions with software like TortoiseDiff and Tortoise SVN to see if anything has changed in detail from version to version without searching. VERSION CONTROL AND BACKUPS!!!

    Forms from some plugins may be susceptible to SQL injections if not properly secured. Check to make sure all plugins are from developers with good track records, and not some open source hack. Check the database for tables that don't belong. Check the directory for files that don't belong.


    That's my 2cents.
    Google Webmaster Tools looks like they probably have a more comprehensive write up than I just provided here :

    https://sites.google.com/site/webmas...d-hacked-sites



    Edit:

    Oh yeah, after the nightmare of cleaning up after a vandal is over and the clean site is back online, contact google and any other search engine with the warning to have them review the site. The flag for malicious content may take a while to be cleared organically or even at all once flagged.
    Last edited by KingThomas; January 5th, 2013 at 11:55 PM.
    Hipcheck and SirJW like this.

  5. #5
    waxing poetic Hipcheck's Avatar




    Join Date
    Apr 2001
    Posts
    30,869
    Liked
    1816 times
    Karma
    1020000
    Mentioned
    17 Post(s)
    Tagged
    0 Thread(s)
    Quoted
    219 Post(s)

    Default

    Thanks Guys!
    "How Dare You Trump My Clever Witticism"

    Click 4 LGK INTERNET RADIO ARCHIVE

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82