In a not very beautiful day, you visit your website and may suddenly see this warning “This website at www.MyWebsite.com (example) has been reported as an attack site and has been blocked based on your security preference”. This is not a fictitious scenario; we have seen this problem hurt businesses time and time again and it just happened with our client a few days ago.
If you are a business owner, I bet you will feel the danger right away! This scary warning can immediately sweep away your frequent visitors, your online customers or anyone else who visits your site. Nobody will dare to visit or come back to a blocked website because they are worried that their computer can be infected with malware. Especially if you have an ecommerce website, you definitely would want this warning to disappear immediately.
But it won’t, unless you take the proper actions.
It is necessary to know why this can happen, how you can avoid it, or how to act quickly when you see this kind of warning.
This kind of warning, called Google Malware Warning, is issued by Google when it indexes your website and discovers that there is malware source code. This malware can be active and infect visitors who visit your website. Google then issues this warning to protect the visitors and prevent the malware to run in the visitors’ browsers. Firefox and Google Chrome browsers always show the warning, while many times Internet Explorer can still open the website.
How the malware can possibly land in your website? There are various possible reasons, including (1) your website has some security holes that make it vulnerable for Internet attacks (2) the server that your hosting company uses to host your website is infected with viruses and it affected every websites on that server (3) Google makes a mistake and gives a wrong warning!
How the malware can affect you and your visitors? There are also various types of malware, but in general, it may use your website as a node to attack another targeted website (known as Denial Of Service (DOS) attack), or copy itself to visitor’s computer and steal their information.
What should you do when you see such a warning? The first right thing is to call a web security professional immediately. Fixing web security problems is usually NOT something that business owners would like to try themselves. Meanwhile, there are a few actions you could take:
(1) You should scan your computer, your webmaster’s computer, and any computers that have access to your website files, for viruses and malware.
(2) You should change all passwords for ftp account, email account, and hosting account.
(3) You should request your hosting company to scan their own server to avoid this issue to happen to you again.
The web security expert will screen your website source code for suspicious malware source code and remove them. He/she will also should figure out how the malware can access your website, and fix the security problems.
Now, after your website is clean, you or your web security expert can request Google to unblock your website as soon as possible. There are 2 ways to do that:
a. Send a request via http://www.google.com/safebrowsing/report_error/?tpl=mozilla
b. Use Google Webmaster Tools (https://www.google.com/webmasters/tools) to Request a review. If you have not had an account, sign up for it and follow instruction to verify. This is simple and straightforward so I will not go into the details.
It may take a few days (2-7 days) for Google to come back and review your website and remove the warning. This is a bit frustrating as you have already done everything you could and still see your website blocked.
Tip: When writing the request to Google, make it this way: “The website is now 100% clean, and I’d like to have Google to unblock my website immediately as it is seriously affecting my business”. 90% of the cases your request will be unblocked fairly quick.
To avoid this situation, you should:
Find a good hosting for your website. Do not always look for low-cost host, but look for good track record, quick support and secure hosting service.
Choose a good website vendor. Good website vendors are familiar with popular attacks and can prevent known security holes right at the beginning of the website development process. Of course nobody can guarantee a 100% risk-free website (as hackers are also genius!) but it can prevent novice hackers from coming in and out of your website easily!