malware in my site google blocking site

  • around two weeks ago I notice I was not able to update or install plugins, turned out to be that my folders and files had a different permissions, godaddy didn’t tell me why it change, I change everything manually and worked fine.

    yesterday I got a notice from google that my ads where not running because they detected malware.

    I deletes more plug and deactivate others, I asked for a review from google webmaster and got answer, that my site is clean but is probably is referencing code or content from another domain that has malware.

    this web explains my problem.

    what do we need to do? Google still blocking my site.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Moderator James Huff

    (@macmanx)

    If what you linked to is indeed what your problem is, then the solution appears to be under “Cleanup and Protection” in that article.

    Beyond that, WordPress has no control over Google blocking your site. You will need to get in touch with them regarding the removal of the block.

    One of my sites got attacked yesterday with this same issue. Google has a warning up on the site right now. I would like to disable the site as soon as possible, but I’m worried about logging into my admin site and downloading a virus or malware. I have three noob questions:

    1 – can I log in to my admin site without downloading whatever Google is concerned about?

    2 – Who cleans WordPress when their software has been hacked? (my security manager says that my content has not been hacked. He is telling me that WordPress software has been hacked and within their code lies the issues)

    3 – What is the best way to protect my sites from this backdoor attack?

    Here is part of the Google warning:

    ______________________________________
    What is the current listing status for wpcache-blogger.com?

    Site is listed as suspicious – visiting this web site may harm your computer.

    Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

    What happened when Google visited this site?

    Of the 210 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-12-25, and the last time suspicious content was found on this site was on 2014-12-25.

    Malicious software includes 73 exploit(s).

    This site was hosted on 1 network(s) including AS57311 (NEOHOST-AS).

    Has this site acted as an intermediary resulting in further distribution of malware?

    Over the past 90 days, wpcache-blogger.com appeared to function as an intermediary for the infection of 122 site(s) including pachanyc.com/, ocdn.me/, enigma-marketing.co.uk/.

    Has this site hosted malware?

    Yes, this site has hosted malicious software over the past 90 days. It infected 12440 domain(s), including bertaltena.com/, polishexpress.co.uk/, maracanafoot.com/.

    How did this happen?

    In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

    Moderator James Huff

    (@macmanx)

    can I log in to my admin site without downloading whatever Google is concerned about?

    You should be able to.

    Who cleans WordPress when their software has been hacked?

    You do. Remain calm and carefully follow this guide.

    What is the best way to protect my sites from this backdoor attack?

    You may want to implement some (if not all) of the recommended security measures.

    If you have any further questions, please open your own thread: https://www.ads-software.com/support/forum/how-to-and-troubleshooting#postform

    Thread Starter litleboy

    (@litleboy)

    I’m getting the same answer, from the hosting company: its my web its my responsibility, from wordpress: its a plugin from the plugin developer: we updated the plugin. from IT guy: maybe ist in your hosting server because I cant find anything wrong.

    but the problem still persists I did all I could, I have minimal plugins, cant find any code that calls for the malware web.

    I saw this message on the inspection console
    Failed to load resource: the server responded with a status of 404 (Not Found)
    https://ads.akeemdom.com/db26

    where can I find what is calling for that resource?

    Thanks.

    Moderator James Huff

    (@macmanx)

    Did you follow this guide completely?

    Thread Starter litleboy

    (@litleboy)

    Those are generic steps to a hacked site, No I didn’t follow the guide completely, because that would mean that I deleted that site and started from scratch. and its what Im trying to find. if there is a way to correct this without starting from scratch.

    This was an attack on rev slider plug and skylab theme, I was hoping someone had the solution to that specifically.

    Moderator James Huff

    (@macmanx)

    This was an attack on rev slider plug

    Follow these then, depending on whichever one you fall under:

    https://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html

    https://blog.sucuri.net/2014/12/revslider-vulnerability-leads-to-massive-wordpress-soaksoak-compromise.html

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘malware in my site google blocking site’ is closed to new replies.