Reported Attack Page! Does Google Hate Me?

Gary Oosterhuis | January 8, 2013

In an attempt to provide its users with a good browsing experience, Google prevents them from visiting sites that may harm their computer. They do this by scanning websites for malware. If malware is found on a website a ‘Reported Attack Site!’ message is displayed to Firefox and Google Chrome users when attempting to visit the website.

Website hackers inject malware into websites  in an attempt to inject malware into existing website coding. The malware tends to redirect visitors to, or provides hidden links to other websites. This is done increase traffic to their own website or to increase increase its organic search engine ranking.

How do I get rid of this horrible message?

First, remove the malware from your website and change all passwords related to the hosting account. If you need help removing malware from your site, contact us.

Second, create a Google Webmaster Tools account, add your site to it, and then use Google Webmaster Tools control panel to request that Google review your website. Google will review your site within 1-3 days and if no malware is found, they will remove your site from their Attack Site list.

How do I stop this from happening again?

Stopping hacking attempts nearly impossible. There are a number of ways that a hacker can get into your website and they’re always finding new ways. Its important to ensure that all open source content management systems and their plugins are kept up to date.

1. Through FTP
A hacker can gain access to your FTP account sniffing network traffic while on your network or by performing a brute force attack. A brute force attack (AKA a dictionary attack) is where a hacker repeatedly tries various usernames and passwords until they gain access to the FTP account.

2. Through another hosting account
Once a hacker gains access to another account, depending on the level of security, they may be able to gain access to modify files that belong to accounts on the same server.

3. Through online forms
if an online form, such as a contact or inquiry form, is not properly protected, a hacker can inject code into any one of the fields that could run additional code on the server.

4. Through outdated content management system
No programming is flawless. Even the best programmers, such as those that contribute to the wordpress project, are not able to write perfect code. Vulnerabilities are constantly being found in content management systems such as wordpress. This includes the plugins and addons. It is important to keep open source content management systems up to date at all times.

What else can I do?

Link Web Development offers daily malware scans for websites. If malware is found we will remove it within 4 hours of its discovery. Contact us to find out more.

Add a Comment

Your email address will not be published. Required fields are marked *