How To Know If Google Finds Malware On Your Site

This is a question I get quite a bit, so I thought it would make sense to go over it briefly in a post. Having malware on your site can dramatically impact your rankings or, even worse, get you de-indexed, so it is an absolutely critical topic to understand. First, let me talk a bit about how the malware might have gotten there in the first place.

Malware is often injected into a site when some component of that site has an exploitable security vulnerability. This could be a number of things, like an old plugin, an insecure PHP directory script, or even security holes that your hosting company has not patched on their end. The last problem is easy to solve: pick a hosting provider that you can trust. I personally recommend HostGator for standard hosting and ZippyKid for WordPress hosting. If your hosting provider is insecure, it doesn’t matter how secure your site is.

If you’re running WordPress or any third-party PHP scripts, make sure you are running the latest versions; the same goes for any plugins you might have installed. Decide whether you want to manage your site’s security or not, and if not, hire someone who will.

Okay, so you think there might be malware on your site; how can you be sure? Google will actually tell you, for free, if it has detected any malware on your site in Google Webmaster Tools. To access this feature, simply select “Malware” under “Health” on the sidebar as shown below:

If you see anything other than “Google has not detected any malware on this site.” then you have a problem. There are two routes you can take:

  1. If you are technically savvy enough to detect and remove the malware yourself, dig in!
  2. If you are not technically savvy enough to detect and remove the malware yourself, hire someone. I personally use and highly recommend Jesse from AdminDaily; they have gotten me out of more than a few jams. (Oh, and tell them Morgan sent you to get the best pricing!)

That’s it. It is simple and completely free to detect malware using Google’s own tools. I recommend checking this at least once a week to make sure that you remove any malware as close as possible to the day it was added. If malware sits on your site for too long, your site could decrease in ranking or get de-indexed completely, so you really can never check for it too often.

Thanks for reading and as always I welcome any questions, comments, or recommendations you’d like to share! Comment and let your voice be heard!


  • Jesse June 2, 2012, 11:48 am

    Hi Morgan,
    Once again, great post and thanks for the mention. Site security is something that is so often overlooked (good for my business, bad for my clients) that it’s good to see someone take it as seriously as you do and share that knowledge with others.

    Shared hosting will always be a compromise between what would be “best practices” for security and “needed functionality” to cover multiple clients on the same server, so some compromises will have to be made. Too many people think they can sign up for a shared hosting account and just run with it, that security for that site will fall on the host and that it should be good enough. This is definitely not the case, and a bit of forward planning is much easier than cleaning up the mess afterwards (if the hackers even leave anything there to clean up).

    A definite must-have for everyone would be to run mod_security and use a solid set of rules. Rule sets are available for free from several sites, and there are also subscription-based rule sets that are updated daily so they can be highly responsive to the latest threats. These rules can even block hackers from utilizing an exploit on your site that could exist in an outdated plugin, bad code or hole, and these rules are also great for blocking many forms of automated comment spam that WordPress sites have to deal with so often.

    Another must-have is a firewall. These come in many variations, from free software-based types to very expensive hardware solutions, but the concept behind them is the same: if something bad starts happening, the firewall will (hopefully) detect it and block the offender’s IP address, denying them access to your server and the ability to perform malicious actions. I can’t stress enough the importance of this measure. Most of these hacking attempts start off as a “brute force” attack where they will hammer your site with a program that tries to guess your login information over and over until they are either successful or something stops them (secure passwords are a must). While a firewall will offer some protection against this, it is also important to know that cPanel already has brute force protection available, but it is not enabled by default and most people don’t even know it exists to enable it. It’s called cPHulk and is a no-brainer for those that have it available.

    BACKUPS BACKUPS BACKUPS!!!!! These are absolutely critically important, possibly the most important thing you need to have. If your site is compromised, having a known good backup can have you up and running quickly with a known good file set, BUT it does no good to restore a backup if that backup contains malicious code that will allow the bad people right back in, so this brings me to my next recommendation…

    Active response systems: these are systems that are designed to monitor everything that is happening in real time as it happens on your server. If someone somehow gains access and they try to upload a shell script or other malicious code, these systems can detect that upload and block it in real time, preventing that malicious code from even getting onto your server. There are various options for this as well, from standalone applications that just serve this purpose for under $100 to systems that are a complete security solution that are $200-$300 or more per year on a subscription basis. The higher-end systems cover all aspects of your server security (only available on VPS/dedicated accounts) and will incorporate your firewall, active scanning and blocking as well as server hardening, rootkit detection, antivirus scanning and blocking, and managing/keeping updated your mod_security rule sets, antivirus definitions, rootkit signatures, etc. I HIGHLY recommend these types of systems if your site is of any value to you and you want to ensure you are as secure as possible.

    I could ramble on about this all day, but the bottom line is that everyone who has a site they care about needs to take a proactive approach to securing their site and protecting their investment. If you built a new home, it would be highly illogical to want to save a few bucks by not putting locks on the doors when the contents of your home are much more valuable than the price of the locks; website security should be no different.

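The comment above warns that restoring a backup does no good if the backup itself carries malicious code. The following is an added example, not part of the original post or comment, showing one way to check a backup against a known-good baseline before restoring it. It assumes the baseline is built from a fresh copy of the same WordPress and plugin versions (or saved right after a clean deploy); the function names, the `wp-content/uploads/` content directory and the sample files are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Extensions the web server may execute or obey; an assumption, adjust per stack.
SCRIPT_SUFFIXES = (".php", ".phtml", ".phar", ".htaccess")

def build_manifest(root):
    """Map every regular file under root (relative path) to its SHA-256."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():
            manifest[path.relative_to(root).as_posix()] = hashlib.sha256(
                path.read_bytes()).hexdigest()
    return manifest

def review_backup(baseline, backup, content_dirs=("wp-content/uploads/",)):
    """Return (status, path) pairs in the backup that need review before restore."""
    flagged = []
    for path, digest in backup.items():
        if path in baseline:
            if baseline[path] != digest:
                flagged.append(("modified", path))
        elif not path.startswith(content_dirs) or path.lower().endswith(SCRIPT_SUFFIXES):
            # New file outside the upload area, or a script inside it.
            flagged.append(("added", path))
    flagged += [("missing", p) for p in baseline if p not in backup]
    return sorted(flagged)

def demo():
    """Constructed sample trees: a clean install and a tampered backup."""
    clean = {"index.php": b"<?php require 'wp-blog-header.php';",
             "wp-login.php": b"<?php /* login form */",
             "wp-content/plugins/gallery/gallery.php": b"<?php /* plugin v1 */"}
    tampered = dict(clean)
    tampered["wp-login.php"] = b"<?php /* login form */ /* appended code */"
    tampered["wp-content/uploads/2012/06/photo.jpg"] = b"\xff\xd8\xff constructed"
    tampered["wp-content/uploads/2012/06/cache.php"] = b"<?php /* unexpected */"
    with tempfile.TemporaryDirectory() as tmp:
        for name, files in (("clean", clean), ("backup", tampered)):
            for rel, data in files.items():
                target = Path(tmp, name, rel)
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_bytes(data)
        baseline = build_manifest(Path(tmp, "clean"))
        return review_backup(baseline, build_manifest(Path(tmp, "backup")))

if __name__ == "__main__":
    for status, path in demo():
        print(f"{status:9} {path}")
```

Keep the baseline manifest somewhere the web server cannot write to, so a compromise of the site cannot also rewrite the reference hashes.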