You’ve Cleaned Your Infected Website – Now What?
Have you had your site hacked and services such as Google Safe Browsing are marking your site as a source of Malware? Once you’ve cleaned your site, your computer, and you’re back up and running, you may still have a few things left to do in order to fully recover from the effects of the malware.
In this post we’re going to summarize the details for getting your site reviewed and listed as clean with some of the major services, since you don’t want to scare away visitors when your site is perfectly safe.
Google Safe Browsing
Google’s blog post The Malware Warning Review Process covers how a webmaster, once they’ve identified malware on their site, can submit a review request to Google. Once your site is clean, you can submit a review request via Google’s Webmaster Tools. Google says they can complete these reviews within a few hours or at most one day after receiving the request.
Once Google deems the website to be clean, they will then remove the site from their database of infected sites, which will remove the warning on search results and remove the warning from browsers using their data (such as Firefox and Chrome).
- TIP: Follow these steps to have Google email you when they find something suspicious with your website: http://support.google.com/webmasters/bin/answer.py?hl=en&answer=140528
Norton Safe Web
Symantec has a reputation service called Norton Safe Web which will let user’s of their toolbar know when a site has been infected or flagged for certain activity. You can test your site on their system here and they have a process where you can register with Norton, claim your URL, and request a review of your site if it is now clean. Norton has additional details here on how to have your site reviewed.
- TIP: Once you claim your URL, click on My Profile > Site Dispute > Notify me when site rating changes, and Norton will email you if your rating ever changes in the future.
Similar to Safe Web, McAfee’s Site Advisor will alert users to websites with malicious software or other vulnerabilities. Test your URL on their site, and if you need to request your site to be reviewed they have a feedback form. Be sure to fill in the URL field and select the “Submit a site for (re)testing” option.
AVG Threat Labs
Before we go, we just want to mention 2 key items that can help you keep your site safe:
- Don’t Save FTP Passwords – The most common way we see websites “hacked” is through the hacker obtaining the FTP password. If you don’t save the password in your FTP program that will greatly reduce the chance of it being obtained.
- Run MalwareBytes – This is a free malware scanning program which can help keep your computer clean of password-stealing software. If you purchase it you can schedule updates and scans to run automatically. – http://www.malwarebytes.org/
Have we missed a service you would like to see posted here? If you know of another tool we should list please post in the comments and we’ll add it to the list.