There are many websites which host malwares (unknowingly) but they look like pretty nice and authentic sites in order to trap the visitors. Google Safe Browsing tool is a tool developed by Google which helps you to test a website which you think may not be authentic or has malware hidden in the source codes.
In order to check if your site has an suspicious code or malware then, you just need to type the following in your browser address bar –
For example we checked our site by going to http://www.google.com/safebrowsing/diagnostic?site=thesharath.com
Always upgrade to the latest version of wordpress, most security loop holes are fixed in the latest version of wordpress. And make sure you choose popular plugin rather than being a daredevil to test a new plugin you found on the internet.
First things first, Here is couple of things that you need to do if you think that your website is hit by malware.
- Identifying malware on your site
When looking for badware\malware on your site, especially badware due to hacking attacks, please remember to check the source code of your site as it is currently hosted on your web servers.
- Malware spread through ads running on your site
Always choose a good ads publisher to earn money. We believe in Google Adsense for our revenue, it easy to setup, fast and customizable and more than it’s entirely safe and doesn’t spread malware through ads scripts.
Two common types of injection attacks:
- Invisible iframes
<Iframe> tags are one of the many kinds of HTML tag codes that can be used as part of the source code that creates a website. An iframe creates a small window on a webpage so that another page can load inside the embedded window. Iframes are not always used for nefarious purposes; one frequent use, for example, is to embed remotely hosted dynamic content such as online maps into web pages. When used by malicious attackers, an iframe can be made so small that it is invisible, and the visitor to the infected page never knows that another page is also loading in the tiny iframe window.
If you see code for an iframe with width=“0” and height=“0” in the source code of any page on your website, you have found an invisible iframe. Iframes are most commonly inserted at the very top or the very bottom of a web page’s source code. A good first place to check for iframes is before the initial tag that starts a web page’s standard code, or after the final that ends a page’s code.
- Obfuscated code
How do you remove malware?
- Contact your web hosting
Remove the bad software from your website and don’t make it available for download again unless you can be sure that it is no longer badware. You can learn more about what makes a piece of software badware in our guidelines. If you are the creator of the software in question, StopBadware may be able to offer recommendations for bringing your software into compliance with our guidelines.
- If ads are showing malware content
Remove all ads that link to malware. If you use an ad network, this may mean removing all the network’s ads from your site until you can be sure the network is clean. You may also want to contact your ad provider and let them know that one or more of their ads is causing badware to be linked from your site.
How does your search engine result get impacted?
Google always wants its users to feel safe when they search the web, and they’re continuously working to identify dangerous sites and increase protection for our users. A warning message appears with search results we’ve identified as sites that may install malicious software on your computer:
Google will not crawl\index and information from your site (which is bad for you). Hence no content from your site will show in the Google search results gradually.
For more information, visit http://www.stopbadware.org/. Also, Google maintains an Online security blog called Google online security blog, read it for more information.