So you just received the following, dreaded message related to your blog. . .
The Website Ahead Contains Malware!
That’s the message I woke up to today for one of my major websites. And I immediately freaked out. I mean, really freaked out.
What the heck is Malware? And why is my website currently telling people: “The Website Ahead Contains Malware!”
If you’re reading this article, odds are good you are experiencing the same thing. You are probably asking yourself the same questions as me. How did this happen? Who did this?
First of all, I want you to take a deep breath.
Actually. . .
Let’s celebrate a little. In fact, I want you to congratulate yourself. Odds are good that if your website is currently receiving the warning: “The Website Ahead Contains Malware!”
Then you’ve made it. Your site is popular.
Or perhaps you’re just running old software. Or both. And we will cover this in a second.
But back to patting yourself on the back. . .
I mean, your website is popular enough to attract Malware. And if you don’t know what Malware is, you’re not alone.
Basically, Malware is a little piece of nerdy computer code that some hacker fed into your website. And it’s actually pretty common. One easy way bad code gets on your site is through outdated WordPress plugins. Heck, sometimes, you’ll be running more than one site on your server – And the malware will spread from one of your sites to the next. . .
That sounds scary, right? I’m with you.
But let’s hold our horses.
The good news is this. Because there are literally thousands of websites that get slammed with the whole: “The Website Ahead Contains Malware!” stuff – It means there are lots of ways to fix it.
How To Delete Malware From Your Website
Step 1 – Call Your Hosting Company ASAP
The first thing you need to do is call your hosting company. I personally use Bluehost for a lot of my websites. Over the years, I have telephoned them countless times with everything from the mundane to the overly complex. . .
In most instances, they were able to help me.
So when I telephoned yesterday crying to my Bluehost helper about how my website was presently blocking visitors with “The Website Ahead Contains Malware!” warning – My guy was pretty helpful.
He was like, “Take a chill pill.”
Actually, he didn’t say that.
Utilizing Site Doctor
My Bluehost technician did reassure me that this stuff happens every day. In fact, Bluehost and most every reputable hosting company out there has several software solutions built into their service offerings.
The one I chose was called the Site Doctor malware removal service. While the service did cost fifty dollars, they guarantee their work for 30 days – And when your sites are down, paying for this service makes all the sense in the world.
Once you get your malware removal software in motion, the next step is to check out you Google Webmaster Tools.
Step 2 – Open Up Your Google Webmaster Tools
I am assuming you have Google Webmaster Tools set up on all of your most important websites. If you do not, you need to set this up as soon as possible.
[Here is a link to Google Webmaster Tools.]
When you log into your account, you will be provided with an overview of your monitored domains.
When, I logged into my account, I was met with this message:
When I clicked on the “check site health” link, I received the following description.
Google has detected harmful code on your site. To protect visitors to your site from malware, Google’s search results now display a warning when users click a link to your site. Some browsers like Chrome may also show a similar warning.
If that’s not enough to keep you awake at night, I don’t know what will.
Step 3 – Fix The Issues and Request Google Review
Here’s the kicker. At this stage, there isn’t a whole lot you can do but wait for your malware removal service to finish the job and send you an email. My email from Site Doctor came around 5AM the next morning. Here’s what it said:
Thank you for using the Site Doctor malware removal service. Your account is now online.
The exact method that was employed to compromise your account is unclear, but I believe that it was done through one of your outdated installations or one of their themes or plugins. Your account had the following outdated installations:
[They went on to list about a gazillion outdated files.]
At this point, I got super excited. I could finally take the next steps.
Step 4 – Request a Google Review
Once your maleware service cleans and removes all the infected files from your site, your next step is to log back into your Google Webmaster Tools and request a website review.
Once you check the box and click the button, you’ll be met with the following message:
Before you request a review, please make sure your entire site is clean and secure. If no malicious content is found, we’ll remove the warning from your site. This process will take up to 24 hours.
Google will ask you to explain what tactics you completed to remove the maleware.
For this, I wrote:
Utilized Site Doctor at the request of Bluehost. Received notification that maleware was removed. Please confirm and thank you for your help.
Once you request a review, the ball is once again in Google’s court. They say the review could take upwards of 24hrs, which adds a bit of additional anxiety. And if you’re anything like me, I suggest you utilize this downtime to focus on your other outstanding projects.
Step 5 – Recovering from Website Malware
After your website is live again, there are several things you can do to avoid receiving the dreaded message: The Website Ahead Contains Malware! – After completing the Site Doctor service, Bluehost sent me the following security checklist.
Bluehost recommended that I complete the following actions to help secure my websites:
- Change the Admin Email on your account.
- Change the Password on your account.
- Change the Credit Card on file on your account.
- Update and apply any patches, upgrades, or updates that the 3rd party vendor or web developer of your scripts may have available.
- Fix any loose file permissions (this may be the most common exploit vulnerability)
- Delete all non-system Ftp Accounts that were created, or at the very least, change the passwords to the FTP Accounts.
- Remove any Access Hosts by clicking the “Remote Mysql” icon and clicking the Remove Red X by each entry if there are any entries.
- Check your scripts for any Header Injection attacks, Sql Injection attacks, Cross-Site Scripting attacks, etc., as well as your php.ini file settings.
- Check your home/work computers for any viruses, trojans, or keyloggers.
Suffice it to say, I know what I’ll be doing all day tomorrow!
Not all aspects of running an internet business is fun. But this is true of any business. Dealing with issues without losing your mind is all part of the fun.
When you receive the dreaded message: The Website Ahead Contains Malware!
Don’t lose your cool.
While this is a new experience for you, these issues are pretty common for any successful website. Hosting companies and Google Webmaster tools are your best friend in the fight against maleware.