Warning this Site May Harm Your Computer – Now What?

Its a slow day and you happen to be taking a look at your site and seeing how your site shows up in Google when you see this:

Or you visit your site and see this warning:

Now you are wondering why on earth it says something like this and how did it happen.  The simple answer is that your site has been hacked and a virus or a redirect to a site with viruses has been embedded into your files.

I’m sure the next three questions you have are:

  • How did this happen?
  • How do I fix it right away?
  • How do I stop this from happening again?

There are a few ways the virus could have been embedded into your site.  Some of it depends on the type of site you have.  If you have a website that runs on a database, which is any site that has a blog, content management system or runs a shopping cart, you are more susceptible to viruses and being hacked. The main ways this happens is:

  1. The hackers got access to your hosting account either via hacking at the hosting control panel or by hacking getting a list of user names and passwords from those that work at the hosting company or by hacking the hosting company’s information.  The solution here is to ensure you are updating your hosting and FTP password are updated routinely, monthly is best.
  2. If your site runs on a database or is running on some sort of software there could be security vulnerabilities just from the way it was built or within the software.  This is why it’s important to ensure your software or coding has the latest updates from the programming company.  For instance, if your site is operating on a Magento or Creloaded shopping cart software or Joomla content management system, make sure it has the latest patches from Magento, Creloaded or Joomla.  If your site has custom coding ensure your programmer has included all the latest security features and keeps them updated.
  3. Add-ons and plug-ins could also be the culprit.  There are many sites out there that offer free scripts, add-ons or plug-ins to add to a website or specific software that can do all sorts of cool things, however malicious individuals could also use this as a means to hack into the site or embed viruses into them.  Make sure you get your add-ons, scripts and plug-ins from trustworthy resources.
  4. Your hosting company was hacked and the virus disseminated through the server itself.  This has happened, most notably with Network Solutions, not just once but twice in a short period of time, you can read up on it here. Network solutions is a very large hosting company, if it can happen to them it can happen to all sized hosting companies.  There is no way to protect yourself from this happening but you need to make sure you have the measurements in place to ensure you can fix the site quickly.  Don’t rely on your hosting company like many Network Solution clients did, to fix the issue as 2 months later many sites still had viruses which wreaked havoc with traffic, search engine results and most importantly sales.

Regardless of how the virus was embedded into the site the key is to get it removed and quickly.  The easiest way to do this is always make sure you have a current copy of your site’s files.  Some hosting control panels offer an easy way to back up your site files without having to access it with a file transfer type software so you can do this yourself without having to rely on a webmaster or design company.  Cpanel and Plesk hosting typically have a quick way to back up and save a zipped file.  Usually with this you can save a copy on the server or on your computer.  In this case choose to keep it on your computer because if it’s stored on the server its also susceptible to having the virus embedded in it.  If you are familiar with FTP programs and how to download a copy via FTP make sure you get all the folders on the server.  Make sure you take a fresh back up after every change or if you change your site daily, at least weekly.

If you don’t have a backup then you will have to figure out what type of virus it is and how it is typically embedded into the code.  If it’s a simple redirect it could be as simple as needing to remove it in the htaccess file, however some nasty viruses do a find replace based on a specific element of the code on each page and there could be many pages needing to be manually fixed.  If you have no clue what I just said, hire someone who has experience in removing viruses.

Once the virus is removed resubmit your site to the search engines and give it a day or two for them to update that the virus is gone, which will remove the warnings in the browsers.

Ultimately the quicker you identify that you have a virus and have it removed the better it is for your site both for any search engine rankings and the warning visitors will see in their browsers.