Help! My Site Has Been Hacked…Now What?!?

One time (this was a few years ago now) I received an email from a visitor to one of the authority website’s I manage alerting me that they got a warning message upon landing to my site. The message told them that my site contained malware and that they shouldn’t proceed with navigating to it.

Needless to say they proceeded to the site anyway, that’s how they left me a message on my contact form. Panic stricken, I decided to investigate. I use a Mac so I don’t get viruses or warnings such as this. I wouldn’t have known anything about it if not for the feedback of the visitor so I’m very appreciative to them for taking time out to contact me.

I was, however, already growing increasingly suspicious because I noticed that my site was disappearing from the search engine results for the keywords I had been targeting and ranking for for oh, about a year or so. So I hop over to Google’s Webmaster Tools only to discover…

Yikes…My Site Has Been Blacklisted!

OMG! Prior to checking GWT, I’d contacted my hosting provider who ran a check for me (on the wrong site…duh) but lucky for me, they also told me which tools they used so I was able to backtrack and perform the same diagnostics on the right site.

So the Google Websmaster Tool showed me the code that was malware on my site but they didn’t tell me where it was so that was of no help…arghh.

Another site, called Sucuri, was much more helpful. This free tool ran a scan of my site and told me exactly which pages the virus code was inserted on. So I then logged into my cPanel and entered the File Manager. I navigated to the pages that had the code and usually found the malware code somewhere at the bottom. The sad part though, was that I couldn’t find all of the pages Sucuri referenced and each time I removed code and did a rescan, the code would pop up on new pages.

Coding is not one of my favorite ways to spend a Friday night, to put it mildly, and after nearly five hours of trying to ‘do it myself’ and staying up to quarter to 3 o’ clock in the morning, I finally threw my hands up in complete surrender and purchased Sucuri’s monitoring and malware clean-up service for their yearly fee of $89 US dollars.

Even though I do backup my sites regularly, I didn’t want to hassle with uploading a fresh version of WordPress, reinstalling the theme I was using and reupload all of my content (over a year’s worth). Plus, my anxiety started to kick in and all I could imagine was losing all of my blog posts. The very idea of it still gives me shivers.

Anywho, I waited patiently as the monitoring service fixed it, while trying my best not to panic. But at least now I knew why my first page search results had mysteriously vanished.

The trials and tribulations of an online marketer, I guess…

If you’ve been hit by malware and Do-It-Yourself is not your thing, consider checking these guys out…they saved my proverbial butt and I’ve been a faithful customer ever since.
secure your site

Later that day… I received a response to my malware removal ticket saying they couldn’t get in with the access details I’d provided. So that Saturday afternoon, I double-checked and gave them updated details. By Monday morning, I had an email in my inbox from Sucuri saying the malware had been removed. After confirming that I’d been ‘un-blacklisted’ in my Google Webmaster Tools account, I was finally able to breathe a sigh of relief. Whew, that was a close one.