Site is Listed as Suspicious - what to do?

Suspicious site



The worst thing that can happen to an e-commerce site is Google has listed tagged your site with “site as suspicious!” Anyone searching for your company, will have a large banner pop up with that saying. So basically your traffic goes down to zero. Because nobody wants to go to a hacked site.

You will want to be pro-active in fighting this, you should know, how to edit files, what an .htaccess file is, what chmod does, and what an SQL injection is. If you don't know all of these, find an expert or get learning.

Your first question. Why did this happen to my site?

Bottom line, you have been hacked by some pretty savvy hackers and you have malware on your site. Malware is short for malicious software, it is software designed to infiltrate a computer without the owner's informed consent.

Just so you know, back in January 2009, Google had a glitch that flagged every site with this banner. Bad day for Google, but it happens.

Second Question. Who's fault is this?

Well it could be your hosting providers fault or your fault. Your hosting provider may not have the most secure of servers. Always inform your hosting provider when you have been hacked. And ask them to search for problems. It may be worth doing a search on your provider to see if it is a problem. Most of the time it is your fault. You may have left some chmod files as 777 so it is available to anyone, or you may not have the most current update of Wordpress, a bulletin board or some other application you are using.

Now the big question. How do I remove it and get back in Google's good graces.

This is the tough part and will require your technical ability. You need to research, investigate and look over your code. Research other sites that have had the same situation, and see what they found us the latest hack. Hackers are constantly updating their methods, and are getting clever by the day.
Go here’s_infected.html (put your site in where it says example site. This will -- detail the infected pages as well as more information as well as bad links. Getting it removed. All removal must be done manually. It is a slow, painful process. Much of the manipulation comes through your config files. Look at your http.conf file, your .htaccess file (there may be more than one and your .htusers files. Look to see if there is anything unusual and compare to the original files you put up. If this is out of your range, there is a source at the end of this article that may help you.

SQL Injection – this is is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks. To protect against SQL injection, user input must not directly be embedded in SQL statements. Instead, parameterized statements must be used (preferred), or user input must be carefully escaped or filtered. If hackers get into your database they can insert code that will pop up anywhere. This is extremely frustrating if you manually remove the code, then it pops up again. If you use a database, search your database for any anomolies.

Preventing -

1.Make sure your hosting company is secure. Ask them the last time they ran Windows Updates.
2.Update all scripts to most recent versions.
3.Use strong passwords. Not normal words.

Getting right with Google.

Once you have permanently removed the problem, Sign into Webmaster Tools with your google account. There is a place to Request reconsideration of your site. Do that. Google has gotten really good at reconsiderations and can do it in usually a day.

If all of this is out of your technical ability, and you want a third party to solve it for you, Hackersmart – may be your solution. Hackersmart provides 2 services. First, they will Fix and Repair your site. Cost for this starts at $79.99. Their second service is a daily scan. for $14.99 they will scan your site daily for problems and email you immediately if there is an issue. Great insurance for less than 50 cents a day.


Our years of experience in this field will help you fix your problem and then we will make sure you know if it happens again.