How To Get Rid Of Code Injected Malware! *Must Read For ANY Webmaster*
Having someone else’s javascript code secretly imbedded into 100s of your .php and .html files across several of your servers is no laughing matter! The first problem you’ll come across is this screen…
You may panic but that won’t do you any good. It’s actually Google’s way of protecting your site and your visitor’s from a piece of javascript iframe code that automatically downloads malware to your visitor’s PC.
So what do you do when this happens?
“Don’t Panic! Let’s Get This Sorted In 5 Easy Steps!”
Step #1 – Remove The Malware In Question
Code injected malware likes to attack the index.html / index.php / login.php file and so on. Any file that is called first when loading a URL is a hot spot for attackers. If you have any index files in your folders such as your images/ or files/ directory to prevent snopping around be sure to check them too.
The malware loves blogs too! Check your blog index.php file and blog-header.php file.
Tip! If you don’t want to do it manually, use any server-based ‘find and replace’ program like Malicious Code Cleaner. This will scan through all the files in your public_html/ folder and remove them quickly! If you have multiple servers you’ll need to install the script on each server and perform the scan seperately.
Step #2 – Create A Google Webmaster Account
Click here to sign up for a Google webmaster account. Google has more power than you think and they are the ones you have to turn to to have your website back online! Even if you’ve never had an attack before, it’s worth spending 1-2 days ensuring all your sites are listed.
Step #3 – Add Your Site(s) To Your Webmaster Account
Now click on the ‘Add a site’ button and add your website domain.
Step #4 – Verify Ownership With A File Upload
Google will ask you to verify ownership of the site. The easiest way it to download the HTML file and then upload to your URL and click the Verify button.
Step #5 – Request For Site Acceptance
If Google has already detected with malware, you’ll see a red bar across the top saying so. Either way, click on the ‘Malware’ link underneath Diagnostics.
From there you can check the box and resubmit your site for acceptance. This usually takes 24 hours after the malware has been removed.
