What to do about Reported Attack Site message
Last week I had a Malware Virus to deal with, so upon visiting my site you may have seen the blog but also gotten a warning to stay away from this site or you could get a virus. (Don’t worry, it’s very safe!) For those of you with certain virus protection you did not see my blog. In it’s place was a red warning page titled “Reported Attack Site” and a paragraph saying this site was under attack… which is how I found out I had a virus on my own blog! I thought “well, I’ll just go to my WordPress and see what’s up. (Duh!) My site was taken down so there was no WordPress to go to. Also my webmail was taken down, and my blog’s name and domain was removed from all search engines. I’m told that if my blog did get into the search engines it would have had a warning saying not to come to my site. Ouch! But with the help of Hostgator, GoogleWebmasterTools, and Lloyd Lopez, I got through the malware attack pretty much unscathed. I didn’t lose anything and in the end, it was much less traumatic than I expected. Of course, when it first happened I was stressed, but so far, so good.
The message “Reported Attack Site” is a little confusing to me. I’m thinking maybe they should say “Report an Attack to Google” because that is what you have to do. Google detects the malware virus and shuts the site down to prevent it from going any further and protect anyone visiting the infected site. It is then your responsibility to get it fixed and send a report to Google. When it finally gets a clean bill of health they will put your site back up.
I found out that many new bloggers just abandon their blogs when they find the “Reported Attack Site” message because they don’t know what to do about it.Malware virus/hacking is something that all bloggers could encounter, so I will pass on the process that I went through to get my blog back up and running. Keep in mind that there are many different types of hacking and viruses, but mine was a malware virus. To learn more about malware viruses and how to protect your blog, go to WordPress.
1. Call your blog hosting company. Whenever your blog goes down you should call or e-mail the company who hosts your blog. I’d much rather call than send an e-mail because I like instant feedback, so make sure you have the telephone number(s) of your blog host in a notebook ready for these occasions. I use HostGator for this blog and they’re also the host for the MCB Free Blog Tutorial. I cannot say enough good things about them. They are patient, very helpful and easy to talk to for a non-techie like me.
1a. Send e-mail to host security requesting help. HostGator told me I had a Malware Virus and that I had to send an e-mail to HostGator Security to request help and tell them of the warning Google placed on my blog. Security immediately sent notification that they received my request and gave me a case number for the process.
(Of course, you could skip the initial call [1] and just send an e-mail to Security [1a], but I’ve always communicated better through phone… or face to face… and the call was very informative and reassuring.)
2. Wait for notification from host security. It took a while but I finally got an e-mail saying that HostGator assessed my blog and I indeed had been hacked with malware. They told me I was hacked into from WordPress versions that had not been updated, and that my site was now clean.
Problem Solved! (Just kidding!) Now you have to notify Google and wait for Google to approve you.
2a. Report to your Google Webmaster Tools. HostGator told me I now had to let Google know that my site had been cleaned of all badware, so I did. I then checked off the box saying “Please review my blog”..
3. Let Google review blog. I assumed I was in the clear, but Google informed me that they were still detecting “badware” on my site. So I called HostGator and they fixed each problem as Google told us of them. In my case this whole thing took about 3 days before my site was declared “cleaned of badware” .
3a. Wait for OK from Google. I checked my mail constantly and on the third day I was finally got the message: “Status of the lastest badware review for this site. A review for this site has finished. The site was found clean the badware warning from web search are being removed. Please note that it can take some time for the change to propagate.”
Keep checking to see if blog has propogated and you should be up and running when you see your blog online!!
Since my older version of hacked WordPress was hacked into, I had to change my passwords (for Cpanel and admin. log- in too) and make them very strong and I will be changing them often. If you haven’t started a blog yet, make sure you have a notebook or two to hold all of your many passwords, telephone numbers, and dates of expiration for your domain name, blog host, etc.
To decrease the changes of being hacked make sure you have very strong passwords with numbers and symbols mixed in and change those passwords often! If there is anyone who has had this happened to them or can share more information on this type of problem and/or would like to share in comments section or interested in a guest post please leave a comment.