What to do about Reported Attack Site message
Last week I had a Malware Virus to deal with, so upon visiting my site you may have seen the blog but also gotten a warning to stay away from this site or you could get a virus. (Don’t worry, it’s very safe!) For those of you with certain virus protection you did not see my blog. In it’s place was a red warning page titled “Reported Attack Site” and a paragraph saying this site was under attack… which is how I found out I had a virus on my own blog! I thought “well, I’ll just go to my WordPress and see what’s up. (Duh!) My site was taken down so there was no WordPress to go to. Also my webmail was taken down, and my blog’s name and domain was removed from all search engines. I’m told that if my blog did get into the search engines it would have had a warning saying not to come to my site. Ouch! But with the help of Hostgator, GoogleWebmasterTools, and Lloyd Lopez, I got through the malware attack pretty much unscathed. I didn’t lose anything and in the end, it was much less traumatic than I expected. Of course, when it first happened I was stressed, but so far, so good.
The message “Reported Attack Site” is a little confusing to me. I’m thinking maybe they should say “Report an Attack to Google” because that is what you have to do. Google detects the malware virus and shuts the site down to prevent it from going any further and protect anyone visiting the infected site. It is then your responsibility to get it fixed and send a report to Google. When it finally gets a clean bill of health they will put your site back up.
I found out that many new bloggers just abandon their blogs when they find the “Reported Attack Site” message because they don’t know what to do about it.Malware virus/hacking is something that all bloggers could encounter, so I will pass on the process that I went through to get my blog back up and running. Keep in mind that there are many different types of hacking and viruses, but mine was a malware virus. To learn more about malware viruses and how to protect your blog, go to WordPress.
1. Call your blog hosting company. Whenever your blog goes down you should call or e-mail the company who hosts your blog. I’d much rather call than send an e-mail because I like instant feedback, so make sure you have the telephone number(s) of your blog host in a notebook ready for these occasions. I use HostGator for this blog and they’re also the host for the MCB Free Blog Tutorial. I cannot say enough good things about them. They are patient, very helpful and easy to talk to for a non-techie like me.
1a. Send e-mail to host security requesting help. HostGator told me I had a Malware Virus and that I had to send an e-mail to HostGator Security to request help and tell them of the warning Google placed on my blog. Security immediately sent notification that they received my request and gave me a case number for the process.
(Of course, you could skip the initial call [1] and just send an e-mail to Security [1a], but I’ve always communicated better through phone… or face to face… and the call was very informative and reassuring.)
2. Wait for notification from host security. It took a while but I finally got an e-mail saying that HostGator assessed my blog and I indeed had been hacked with malware. They told me I was hacked into from WordPress versions that had not been updated, and that my site was now clean.
Problem Solved! (Just kidding!) Now you have to notify Google and wait for Google to approve you.
2a. Report to your Google Webmaster Tools. HostGator told me I now had to let Google know that my site had been cleaned of all badware, so I did. I then checked off the box saying “Please review my blog”..
3. Let Google review blog. I assumed I was in the clear, but Google informed me that they were still detecting “badware” on my site. So I called HostGator and they fixed each problem as Google told us of them. In my case this whole thing took about 3 days before my site was declared “cleaned of badware” .
3a. Wait for OK from Google. I checked my mail constantly and on the third day I was finally got the message: “Status of the lastest badware review for this site. A review for this site has finished. The site was found clean the badware warning from web search are being removed. Please note that it can take some time for the change to propagate.”
Keep checking to see if blog has propogated and you should be up and running when you see your blog online!!
Since my older version of hacked WordPress was hacked into, I had to change my passwords (for Cpanel and admin. log- in too) and make them very strong and I will be changing them often. If you haven’t started a blog yet, make sure you have a notebook or two to hold all of your many passwords, telephone numbers, and dates of expiration for your domain name, blog host, etc.
To decrease the changes of being hacked make sure you have very strong passwords with numbers and symbols mixed in and change those passwords often! If there is anyone who has had this happened to them or can share more information on this type of problem and/or would like to share in comments section or interested in a guest post please leave a comment.
Comments
I hate these virus things. And I encountered blogs that are Attack Site too. Good thing I have a very reliable anti-virus installed in my computer now. We learned our lesson. Last year our desktop got infected with a virus. So we went to a Dell Technician and he fixed our desktop.
So this is the ways to remove that Attack site status of a website? I will let our co-blogger know about this because her blog is an Attack Site.
By the way JJ, I got my new laptop from eBay.com
It is a used one though but still a good price for a slightly used laptop. I love it. It has Windows XP Pro and MS Office in it, plus WI-Fi.
Marly
Hey JJ!
Wow, your blog got attacked? What crazy idiot did this?
Glad to hear you survived it and defeated it like a true zen master martial artist
hehehehe
Hope things go to normal for a bit now and you get some good fortune for a change
Cheers
Diggy
I am happy you got everything worked out. Lesson learned and shared the information. Thanks. Now we can all go back to enjoying your great posts.
Hi jj,
Sorry you had to go through that ordeal. I’ve been through a similar attack and I know how frustrating it can be. Lately, I’ve been seeing more and more sites that have the warning message you mentioned. I also use Hostgator and I agree that their support is top notch.
Thanks for posting the information of what needs to be done in case of the dreaded “Reported Attack Site” message. I’m sure that will be helpful to anyone who has a blog or web site.
Thanks guys for the comments, what I did learn from all of this is we should all be changing our passwords often and really make them strong ones like I mentioned. I did want to also let you all know that I had to change the passwords of my FTP files as suggested by our fellow blogger Plin/Myfrugalways.com. I believe he’s going to write a guest post to explain some of the tech. parts of these virus’s. Robert you are so right I’ve read that this type of virus is on the rise.
I love this post and it comes at the right time. I thought I had a virus on my site and the first thing I did was call my host. They took care of it for me and I would make sure to stress to call them instead of emailing. I have to keep on up on my site constantly because of the traffic so the calling would be what I would do anyways. If that makes sense. LOL I think I’m rambling now.
Hi jj.
I had seen some of my blogger friend with this kind of warning.
Maybe will help them by forwarding this post of yours.
I don’t think every malware came with a same solution though.
See you around.
Hey Taylor, Can’t agree more with you, I “have” to be able to call a company an email is just not good enough for me. I can’t stress enough either that if your hosting co. doesn’t allow or give out phone numbers get rid of them. I do my best negotiations or attitude (lol) over the phone.
Wow very good tips!
I like this blog and iwell viset agen thank you
http://www.forexqs.blogspot.com
This is such an inconvenient thing to have happen. Hackers kill me…I don’t see where the pleasure is they get from doing stuff like that. Is it b/c they know they were a nuisance? I just don’t get it.
I’m glad you were able to get it fixed, and we have HostGator as well and have enjoyed their service so I’m not surprised all was resolved as well as it was.
I was about to make a post on my blog and came across this in my dashboard. WordPress’s blog discussing this virus..or as they call it a “worm”. figured you’d want to share.
http://wordpress.org/development/
Hey JJ -
I did notice it; I like thought it had something to do with my PC (yes, I had a tech come and check just in case …. LOL) I am so glad to know that you got this resolved and SOLVED the mystery for the rest of us. I printed your post for future reference. Just in case I too, will have Hostgator check on my site; as prevention. Be well and thanks for sharing this valuable info
Hello there,
Cool site, I just found it and I am already a fan.
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/development/2009/09/keep-wordpress-secure/
Hey Mominator,Thanks for giving that link, I’m just finding out that the link I’d put in my post that Lloyd Lopez gave me is not showing up. I swear to you all that when I previewed my post that it did work!!lol So I’m going to try this again. So now we have 3 links for you all to check out to really understand some of this tech. stuff. I also have a “great” guest post from Plin at http://myfrugalways.com and he explains even further but in language “I” think is easy to understand about what to do and how it can happen.
It’s really unfortunate that this happened and your site was down for a couple days. I’ve seen that message on other sites but I always just click “ignore.” Maybe I shouldn’t do that anymore lol
Thanks a lot for this useful information. I always wondered what to do in the case of attack. Is three days an average time for Google to answer or is that quick / slow ?
hotel Bohinj, Thanks for the question it seems that in my case I had a few more issues that Hostgator had to contend with. But I will tell you that each time I had to contact Google it was usually within 4 hrs. for a response with either a yes it’s a go or no the problem was not fixed yet. So I would say that Google was right on the ball, I was hesitant at first as to the response time but it wasn’t what I had expected fortunately!! Thanks for visiting my blog, I’ll check yours out today. JJ
Yeah – Viruses don’t you hate them.
I learnt to get the real deal virus protection. You just can’t risk it and for a few dollars the protection is certainly worth it.
After suffering the stupidity of these peole I went and got a password program which means I can choose completely random passwords for everything. Safe in the knowledge that my program will remember all of them and will even automatically log me into all the websites.
Now I only have to remember one password to get into my password program and leave it to do the rest.
It has been a great investment, although you can get free ones.
Hey Bob & Gary, Please do tell, do tell us more and what the names of these programs are? Maybe you can help all of us out that have to go through these malicious acts that “these people” put us through. They cause us loss of money, time and effort of getting our sites back up. Some of these people put us through this mess just so they can make money the illegal way! While we all sit here at our computers everyday trying to make an honest living or just a little extra money to help our families out during one our worst economic times.Thanks for your comments & hope to see you back here soon!! jj
A valuable post and it much helpfull.
Thanks,
Steve
I have had a number of websites hacked just like you. Hostgator must be nicer than my host because I was required to figure it out myself. Luckily I am technically inclined. After several tries, I finally used a network sniffer to view my traffic requests when I visited the page. I found the offending webcall and was able to find the code hack that was doing it. This took me several days. Finally got it cleaned up though.
From now on I’m keeping my blog framework up to date with the latest patches!
Here is the hacked code I found: advQuery hack in Javascript.
hostgator is a great hosting company with a wonderful tech help staff always willing to help one out no matter your degree of knowledge with the technical part of owning/running a blog. That’s what I rely and like about HG.!!
I’m glad you found the post helpful Steve. That is what I was hoping this post and my guest post from Plin would do for anyone out there that has had this happen, or not had it happen and may avoid it by some of the tips that are offered in both posts . Thanks for visiting MCB appreciated. jj
hey JJ,
I am glad you got it all sorted out! I am glad Host Gator was helpful, it is so rare to hear good stories about hosting companies. I had a similar experience on one of my other sites a while back, where anyone coming from Google got told to avoid my blog because of malware. I went through a similar process as you did.
Great post. This is very helpful because this problem are spreading fast. Thank you for sharing this.
They took care of it for me and I would make sure to stress to call them instead of emailing. I have to keep on up on my site constantly because of the traffic so the calling would be what I would do anyways.
I hate those Viruses. I faced problems like this but didnt knew what to do & my blog was totally gone. Now thanks to you I know what to do.
i was posted on sept.5 and after that i can’t have access on my blog! i can remove post that i wrote,but i can see post,comment,nothing!
everytime when i going to try fix my problem it show to me report attack page (like you wrote in post) i was contact blogspot and write aboute my problem but i still don’t have access on my blog. i’m going crazy!