By Ridley Ruth, Dropmysite
Website user warnings like these -- "This site may be hacked" or "This site may harm your computer" - are life-saving messages in a vast and sometime murky sea of Web surfing.
The impact of such messages is the opposite for website owners because it indicates that their website has been blacklisted by Google. This feeling is much more like sinking to the bottom of the sea after one's life vest has been deflated. Blacklisting can send even the most buoyant small and medium-sized business (SMB) websites into a full-scale panic.
How does being branded a dangerous troublemaker by browsers and search results impact one's business? And most importantly, how can website owners find their way back into the good graces of Google?
Even as Google quarantines thousands of websites every day, it avoids the word "blacklist." And it does so for good reason: websites infected with malicious software can impose real harm on unsuspecting visitors, slowing their computers to a crawl, destroying or corrupting data, posting phishing pages, stealing sensitive private information-or all of the above.
While it can happen to any website, even those with relatively robust security measures in place, it's a particular problem for SMBs, which typically can't afford IT staff with specialized security and remediation expertise. Often, these companies choose to outsource site day-to-day site maintenance to a Web hosting company.
Surprisingly few SMBs actually plan for website Armageddon, and many don't find out they've been blacklisted until they try themselves to navigate to their website. That is when the panic sets in - "Every moment my site generates a warning represents lost revenue and damage to my brand."
The time required to remove malware, secure the site, request a site review and get site blocking removed can range from hours to a week or more. The time frame depends on the severity of the damage and the preparations in place to reduce the impact of being blacklisted. In fact, a recent study found that the average time it takes for Google to remove blocking is more than 10 hours; actual removal times examined for 500 blacklisted sites ranged from 2 hours and 20 minutes to 23 hours.
Web-based businesses typically cannot afford the time or money for their website to be out of commission so putting in the time before disaster strikes is highly recommended. And, time is money. Results from the Symantec 2011 SMB Disaster Preparedness Survey found that, on average, blacklisting costs the SMB $12,500 per day. In 2015, this number is likely much higher.
Getting back into the Good Graces of Google: Restoring a clean website
The basic steps are the same in virtually any scenario, although the time and difficulty required in completing them may vary widely.
- Does the IT staff have expertise in this area?
- Is the site maintained locally or use a hosting company?
- Can remediation be managed in house through a Web-based interface, or is support call required to get the ball rolling?
Consider and address these contingencies now, before being hacked and blacklisted. The ease and speed with which one can access and restore backed up data will play a big role in how soon things get back to normal.
1. Run antivirus scanners and/or AV scanners on every administrator-run computer that logs into the website for viruses or malware. Don't forget to check server logs for activity by the administrator, who works on an infected computer.
2. Change passwords. This applies to logins for all site users and accounts: system administrator, CMS accounts, FTP, database access, etc. Re-evaluate the strength of the passwords being used. Use a unique password for each separate account, and use a mix of letters, numbers and symbols. Avoid using personal information or common words.
3. Make sure latest versions of the computer's operating system, CMS, blogging platform, apps, plug-ins and so on have been installed. This is absolutely necessary to make sure any security holes are patched.
4. Delete any new or modified files that were added to the server after the issue first appeared, and then perform a complete system restore.
5. Website restoration can be much a much quicker and easier process if the time and energy is invested upfront in automated self-service disaster recovery services, which:
- Allow access to files, avoiding dependency on a third party to help locate and restore affected files, and
- Complete restoration in just a few minutes by selecting files and making a single click
6. In the absence of such tools, find and manually download the last clean versions of the each of the modified files.
7. Once that is done, Google recommends the use of Wget or cURL to view the site's pages to verify they are clean and free of damage.
8. At this point the website should be clean and ready for a review by Google to remove the warnings associated with the site. Make the request for review.
9. Have verified ownership of the site in Google's Webmaster Tools beforehand, and then follow the steps for completing a review request that Google provides here. This will take additional time.
The age-old adage that it is better to be safe than sorry rings true when it comes to business websites. Don't lose money or time by being unprepared. Evaluate the current state of a website preservation plan and become thoroughly familiar with the restoration process. The time to prepare is now.
Ridley Ruth is COO at Dropmysite, a leading cloud-based backup company with a focus on websites, emails, databases, mobile devices and more. The company has developed comprehensive solution for websites (www.Dropmysite.com) email (www.Dropmyemail.com) and mobile.