Thanks for being patient with me. I haven't posted in a while because of something that happened last week.

You see, my blog was hacked (not by a person but with malicious code that crept into my blog), and as a result I was blocked by Google. I'm sure you've heard about it, as people talked about the news.

How did it get blocked?

Whenever my site(s) came up in Google, there was a “this site may harm your computer” warning. And when people clicked on my link, it led them to a Google error page preventing people from accessing my site.

Apparently, Google checks its indexed pages against a database of “known offenders” (at StopBadware.org, which is similar to many IP blacklists for spam), and turned all my listings on Google to unreachable.

So my site wasn't banned. But the worst part was, Google not only blocked my site but also displayed a dire warning that my site was malicious! (You can only imagine what kind of damage this can cause to someone's reputation.)

But that's not all…

To fix this, I had to jump through several hoops. Of course, the first of which was to remove the hacked or “malicious” code.

But this wasn't an easy task.

The problem was, since I used a plugin called “Bad Behavior” with my WordPress blog, the plugin, which identified it on IP blacklists as well, prevented me from accessing my own site — including my admin control panel!

So, not only could I not make the changes I had to make to get reinstated, but I also couldn't disable the Bad Behavior plugin to allow myself access to my own admin panel.

It's all straightened out now, thank goodness! But it took me and my staff several days, and a lot of back and forth with the powers that be, to get unlisted from IP blacklists and such.

(Thanks for waiting for me.)

Here's how I resolved it.

First of all, I had to disable the plugins using phpMyAdmin, which gave me direct access to my database. Then, I had to manually upload via FTP the files that were “cleaned” of the malicious code.

After that, I had to upgrade my blog to the latest version of WordPress (i.e., version 2.3.1), and update and reactivate all my plugins, too. (I also had to re-customize a lot of the code that was tailored for my blog.)

Next, I had to submit a manual review request to StopBadware.org. Problem is, it doesn't block entire domains like Google does. I had to manually submit a review request for each and every page that was blacklisted!

(Since the code appeared on my sidebar, well, you can do the math.)

Then, I went to Google's Webmaster Tools.

Webmaster Tools is a fantastic service, which allows you to manually submit sitemaps to be crawled. What's neat, though, is the fact that this service comes with tutorials, and, of course, displays any warnings about your site.

In fact, there's a feature that allows webmasters to request manual reviews by Google. In my case, I used it to ask Google to verify that my site was clean, to unblock it from its search engine results, and to remove the warnings.

In about 48 hours, everything went back to normal. Whew!

Now, some people have told me there's quite some controversy about this, including talk on a blog by Google's own Matt Cutts, where a lot of people are complaining of false positives.

Personally, I think this is a great feature because I hate visiting blackhat sites that cause havoc on my computer. Problem is, it's still relatively new (about a year now).

Perhaps my site was a false positive, too. I don't know. Your guess is as good as mine.

But here's what seems weird in all this…

The code that had any semblance of being malicious (according to some examples on Matt Cutts's blog) was JavaScript code for displaying ads with links.

(I wasn't selling links. The links were from a non-PPC ad network, which I'm told did not violate Google's guidelines.)

What I'm not sure about is, was the code itself the culprit or frowned upon by Google? Or was the code used to hack the blog and ended up being truly malicious after all?

I'll probably never know.

But since the code was from an ad vendor, which displayed paid links on my blog, the question is, was the violation based on the presumption that I was selling links?

Here's why I ask myself this question.

When I checked with StopBadware.org, the blacklist site against which Google made its determination, the manual review process asked that you enter a statement, which said something to the effect of…

“I have removed the code, and links to other sites, that violate StopBadware's guidelines. I believe that my site no longer hosts malware or links to sites that violate these guidelines.”

What caught me by surprise was the statement, “links to other sites.”

What surprised me even more was that I received a warning about my site being blocked, directly from Google, only 24 hours later. Funny though, because once I could access my site, and while I was still being blocked by Google, my blog was still displaying Google AdSense ads.

(Again, I don't know. Perhaps my friend blog expert Andy Beard may have some clues or something to say about this.)

For now, here's my suggestion to you…

If you're running any older versions of WordPress, upgrade to 2.3.1 as soon as possible. Second, if you're going to use JavaScript in your blog, try to make it pull from an external file — like a .js file — instead of actual script code.
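A check that follows from this advice, as an added example that is not part of the original post: once a template's own JavaScript lives in .js files, any inline script block or any script loaded from an unexpected host stands out in a review. The sample sidebar markup, host names and allowlist below are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Matches each <script ...>body</script> element; good enough for triage of
# theme templates, not a full HTML parser.
SCRIPT_RE = re.compile(r"<script\b([^>]*)>(.*?)</script\s*>", re.I | re.S)
SRC_RE = re.compile(r"""\bsrc\s*=\s*["']?([^"'\s>]+)""", re.I)


def audit_scripts(markup, site_host, allowed_hosts=()):
    """Return findings for inline scripts and scripts from unlisted hosts."""
    trusted = {site_host.lower(), *(h.lower() for h in allowed_hosts)}
    findings = []
    for match in SCRIPT_RE.finditer(markup):
        attrs, body = match.group(1), match.group(2).strip()
        line = markup.count("\n", 0, match.start()) + 1
        src = SRC_RE.search(attrs)
        if src is None:
            if body:  # script code embedded directly in the template
                findings.append((line, "inline", body[:40]))
            continue
        # Relative URLs have no hostname and resolve to the site itself.
        host = (urlparse(src.group(1)).hostname or site_host).lower()
        if host not in trusted:
            findings.append((line, "external", host))
    return findings


# Constructed sample: a sidebar template with one local script, one allowed
# third-party script, one unexpected host and one inline block.
SAMPLE_SIDEBAR = """<div id="sidebar">
<script type="text/javascript" src="/wp-content/themes/mytheme/menu.js"></script>
<script src="http://ads.allowed-network.example/show.js"></script>
<script src="http://cdn.unknown-host.example/x.js"></script>
<script type="text/javascript">
document.write('<a href="http://links.example/">sponsor</a>');
</script>
</div>"""

if __name__ == "__main__":
    for finding in audit_scripts(SAMPLE_SIDEBAR, "blog.example",
                                 ["ads.allowed-network.example"]):
        print(finding)
```

Each finding is a (line, kind, detail) tuple, so the output can be compared between a known-clean copy of a theme and the copy currently on the server.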

And don't use Bad Behavior. Stick with Akismet or SpamKarma plugins. According to my host engineer, the Bad Behavior script is still very buggy.

To be candid, this disappointed me, because I loved Bad Behavior. It stopped spam and hack attempts from bots. And I virtually never had any comment spam or spammers trying to register as blog users.

But apparently, the script has its flaws, too.

Finally, do have a Google Webmaster Tools account to submit your sitemaps. Sure, you don't really need it. But it's good to have, even if it's just to know when errors are preventing the Googlebot from crawling your site.

Above all, don't be shy to ask for a manual review when you need to.

By the way, a HUGE “thank you!” to all the people who notified me about this, helped me with screenshots and such, and gave me some of the pointers and steps I listed above. You know who you are. 😉

Michel Fortin

Chief Experience Officer at Supportibles, Inc.
A copywriter and consultant for close to 30 years, Michel was instrumental in selling millions worth of products and services. His most notable success is a salesletter that sold over a million dollars online on launch day. Today, Michel is a best-selling author, in-demand public speaker, and highly sought-after marketing consultant. Get his free report, "The 10 Commandments of Power Positioning," at Supportibles.com.