Thread: Any Website experts on Dealing with Malware?

My bros website keeps getting hacked and infected with Malware and its driving him nuts. Any help?

By "hacked and infected with malware", do you mean that his post and page comment sections are getting flooded with spam?

Actually, every time you try and go to his site it is showing a malware warning.

If the site is hacked, that really sucks! What kind of site is it - Static HTML pages, or dynamic content from a database and programming language (php, asp, ect)?

First things last. Take the site offline! Nothing will ruin traffic, seo, return visits, ect quicker than a malware warning. Also there's an ethical responsibility as the site admin to keep the webz free of malicious software, as much as possible.

B - Completely restructure all credentials; usernames, emails, and passwords associated with everything from hosting, database, content management back-end admin, and 3rd party reporting tools.

3 - Clean the code, or install a backup (please tell me there's backups?) to a few weeks before the time the malware notice showed up. If you have to manually clean code, this could be pretty rough if you don't know what you're looking for.

A static HTML site should be relatively easier than most sites. Look for javascript, iframes, forms, and links that don't belong. If its a custom asp site or a php package like wordpress or joomla, crawling through the code may be a bit tougher. If the latter, again please tell me there are backups! If you want, with backups, you can quickly compare versions with software like TortoiseDiff and Tortoise SVN to see if anything has changed in detail from version to version without searching. VERSION CONTROL AND BACKUPS!!!

Forms from some plugins may be susceptible to SQL injections if not properly secured. Check to make sure all plugins are from developers with good track records, and not some open source hack. Check the database for tables that don't belong. Check the directory for files that don't belong.


That's my 2cents.
Google Webmaster Tools looks like they probably have a more comprehensive write up than I just provided here :

https://sites.google.com/site/webmas...d-hacked-sites



Edit:

Oh yeah, after the nightmare of cleaning up after a vandal is over and the clean site is back online, contact google and any other search engine with the warning to have them review the site. The flag for malicious content may take a while to be cleared organically or even at all once flagged.