An unfortunate fact of having websites on the Internet is that from time to time they can be compromised, and malicious code (malware) placed on them. This can happen for a variety of reasons, however when it does your primary concern should be quarantining your site and getting it cleaned as quickly as possible.
The first you may know you have a problem is when navigating to your site. You may see warnings telling you that there is a problem with your site, like the one below. However, it is important never to download any software shown in the warning - this could be part of the malicious content.
However, in the example above this is a Google warning. In the process of trawling the Internet to build search results, Google also detect potential harmful content on websites. If it finds any you may see this warning on the page.
Google do give you the option to proceed to your website, however we wouldn't recommend doing this until you have cleaned your site. You can click the Safe browsing diagnostic page to view what Google found when visiting the site.
On occasion Gradwell may detect problems with your site, and if this happens we will contact you directly
First steps after finding out that your site has been compromised
As a first step, ensure you change the password details for any methods to access your account. Login to your hosting control panel and change the passwords for any FTP users, and also your Unix login if you login with SSH. Both of these are found in the Web Hosting area of your control panel.
Recommended links to help you clean your site
Below are a selection of links that are recommended reading to help clean your site thoroughly:
Restore your site
Once you are confident that you have cleaned all malicious code from your site, you can restore it on our servers. This whole process may be simpler if you take regular backups of your site, allowing you to simply upload the last known good backup of your site. Gradwell recommend all customers take regular backups of their websites.
Requesting Google reconsider your site
If Google are displaying warning messages to visitors of your site, you can ask Google to reconsider your site once you have removed all malware. They will check your site again and, if found to be clean, remove the warning message.
Firstly, add your site to Google Webmaster tools if you haven't already. Simply log in with a google account, click Add a site... and enter your domain into the popup field.
You will now have to verify that you own the site. The easiest way to do this is to upload a small HTML file to your website, simply click the Upload an HTML file to your server option and follow the instructions.
Once you have done this and your site has been verified, return to the main webmaster tools page and click on your site to access the site dashboard. On the left-hand menu click Diagnostics and then the Malware link. You will see a link to request a review of your site. Click this and Google will automatically review your site to ensure it is safe. If it is, the warning will be removed. This can take a couple of days to happen.
If after this time the warning still remains, carefully check the site again as you may not have cleaned up all remaining malware.
The video guide below will take you step by step through process of registering your website with Google Webmaster Tools and requesting they remove the harmful content warning from your site.