Call 03 85455900

Get the latest search news straight to your inbox!

Godaddy Malware – sokoloperkovuskeci.com

by on September 15, 2011

It was a quiet evening last night. I’d successfully repaired the leak in our cedar hot tub and had enjoyed the fruits of my efforts with a short simmering. Afterwards I sat by our fire with a nice McLaren Vale Shiraz, watching Youtube docos using the iPad & AppleTV. I love that combo. Just before midnight Melbourne time I did my customary email check before trundling off to the land of “sleepy bo bo”. The subject line “Your help Jim – Malware on davidmeermanscott.com” immediately pushed any thoughts of sleep to the back of my mind.

If you’re a regular reader here you’ll know that David is a client of ours. I quickly checked the Google index and sure enough there was the message no site owner wants to see.

Google Malware alertI’ve talked about malware before and how badly it can affect your rankings, however having Google announce to the world that your site “may harm their computer” really sucks. In addition to the Google warning, browsers will also warn users that they maybe going to sites with malicious code and block them with big red danger signs.


Google Malware browser alert.

In most of my encounters with website malware exploits, signs of their existence can usually be found in the webpages themselves, which wasn’t the case last night. After digging around a bit, it became clear that this malware was different. It seemed to be affecting other sites hosted with GoDaddy like David’s is. As an SEO company these are the sorts of things we want  to fix quickly, not only for ranking reasons, but also because an e-commerce site can be missing out on sales, putting it right up there with a server crash. Site owners that fail to respond quickly to these sorts of attacks will soon be cast into Google purgatory and disappear from the rankings.

 

GoDaddy malware There wasn’t much else I could do last night as I needed one of our developers @krigsi, who knew the intricacies of the site better than I did. Early this morning he started Googling the malware as described by Google on its Safe browsing diagnostic tool, finding the answer pretty quickly thanks to its non-competitive search term: sokoloperkovuskeci-com. A blog post by “dd” over at Securi.net outlined exactly what was going on. Without going into details, it turned out that the compromise was indeed across a lot of GoDaddy shared hosting, potentially affecting thousands of sites. The malware re-wrote a file called .htaccess which redirected users to another site which would then have its digital way with you.

Getting rid of the “This site may harm your computer” message in Google once you have fixed any malware problem on your site is very straightforward and can be done through the Google Webmaster tools interface.  Make sure you check out http://www.stopbadware.org/home/security for tips on securing and cleaning your website.

GoDaddy admit malware

It’s one thing to fix the problem but it’s another thing altogether to fix the vulnerability. At this stage we know David’s site is fine and that Google has removed the malware warning but we do not know HOW this file was hacked and GoDaddy is not giving us much information at this stage.

 

David meerman scott results

After letting Google know the site had been fixed it only took a couple of hours for the warning to be removed from the SERPs

 

 

{ 5 comments… read them below or add one }

David Meerman Scott September 15, 2011 at 5:34 pm

Jim. Not only are you and your team genius, you are real-time genius. Thanks so much for this fast fix to get my business back up and running so quickly. David

Jim September 15, 2011 at 5:47 pm

You’re welcome @David, always a pleasure.

Danny Englander September 16, 2011 at 1:33 am

You would probably do well to get your own VPS and install a firewall. I use ServInt and it comes with Config Server Firewall. You really can’t trust GoDaddy for good security and there is really nothing that prevents them from getting hacked from time to time because of their oversold shared hosting. Just my 2 cents.

Seth Shoultes September 25, 2011 at 12:36 am

Danny is right. Get off of Godaddy hosting ASAP. Not only are they overloaded, have the worst hosting in the industry, don’t maintain their servers, they will also shut down your site at the DNS level if there are too many connections to your site.

We have a ton of bad experiences with Godaddy. Mostly from people trying to use our event registration plugin for WordPress. Sometimes things just don’t seem to work right on someones site, so we ask who their hosting provider is. Ninety five percent of the time it’s Godaddy. Soon as they move to another housing provider, such as Hostgator, the problems magically go away. It’s amazing. Lol. We have received quite a few emails from customers, that have made the move from Godaddy to another host, telling us they cannot believe the difference and how much better their sites work. At first, a few of these customers had even sent us nasty emails telling us how much our plugin sucked.

Wan Chucki September 28, 2011 at 2:59 am

Thank god, I am with Bluehost! Never got this kind of problem before and never will, i hope so :) lol.

Previous post:

Next post: