JBCR Virtual Solutions Blog

Archive for the ‘Internet Tips’ Category

In our last post we wrote about a mal­ware script we have been deal­ing with the past cou­ple of weeks. That it was being injected into Word­Press footer files and how to remove it.

If you find this quickly and deal with it, there is min­i­mal impact to your site. But if you don’t dis­cover it quickly, you could end up on Google’s ‘Attack Site’ list and they will block vis­i­tors from vis­it­ing your site.

Curi­ous about your site’s health sta­tus? Google has a tool for check­ing to see if there are any prob­lems with your site. Replace the last part of this link with your domain they will show you a report:

http://www.google.com/safebrowsing/diagnostic?site=yoursiteurl.com

Right now we’re going back to our topic for this post… How to sub­mit your site to Google after you have cleaned up fol­low­ing a mal­ware attack.

First thing you are going to need is an account at Google Web­mas­ter Tools.

http://www.google.com/webmasters/tools/

Once you have an account set up, you will need to add a web­site. There’s a but­ton for this promi­nently dis­played on the index page. Click on it and you will be offered a field to enter your site url. I usu­ally have this on my clip board ready to paste in.

Next they will require you ver­ify own­er­ship the site. There are sev­eral dif­fer­ent meth­ods offered. You can add a meta tag they pro­vide or down­load an html file, which you then upload to your site. This fast and easy as long as you have an FTP pro­gram or web site author­ing tool with file trans­fer set up. Explain­ing how to use these is beyond the scope of this post and if you don’t how to do this, you are some­one who should have pro­fes­sional help.

Once you have uploaded the google html file or inserted the meta tag into your home page header, go back to the Google Web­mas­ter tools page [still open I hope!] and hit the ‘ver­ify site’ button.

There are var­i­ous things you can look at in Web­mas­ter Tools but we in there for a par­tic­u­lar rea­son at the moment. We want to get our site pro­nounced healthy and open to vis­i­tors again. To do this, look for the ‘diag­nos­tics’ link on the left side bar. Click­ing will expand the menu. The ‘mal­ware’ link take you to a page with an alert that your site is blocked. Here is where you will be able to sub­mit your site and add a lit­tle mes­sage about what you have done to clean out the malware.

That’s all there is to it. It’s not hard but then we do this for a liv­ing. If you need help with this or some­thing else on your site that is beyond your tech­ni­cal com­fort level. Con­tact us!

Happy Trails,

Billy

PS -  Next post we’ll talk about a few plug-ins to help with security.

The bad guys have been busy this month!

Sev­eral of our clients had their Word­Press blogs hacked. A mal­ware Javascript was used to load bogus sites was injected into the page footers.

How can you tell if you have this prob­lem on your Word­Press site or blog?

This par­tic­u­lar script, is easy to spot from how your site reacts even though it is not vis­i­ble in the con­tent. When you visit your site [or blog], instead land­ing at the top of the page where you would expect to start, the script imme­di­ately takes you to the bot­tom of the page instead. If it does this, then there is a strong like­li­hood you have this mal­ware on your WordPress.

If you use Fire­fox for your web browser, you may get an ugly warn­ing page that your site has been reported as an attack site. Not fun. You will not be able to access your site at all… anywhere. This can make it harder get to rid of the prob­lem because you may not be able to access your site admin area. Internet Explorer did not block entry to the sites because of this particular malware.

What should you do if this has hap­pened to your WordPress?

If you can access your Word­Press admin area using your web browser, then it’s rel­a­tively easy to get rid of the mal­ware script. This par­tic­u­lar exploit only affects one file, named footer.php.

You can edit this by going to Appearance=>Themes=>Editor and open­ing this file in the edi­tor pane. The files are all listed to the right hand side of the pane.

Now you edit the footer.php file to remove the script. It will look like this screen­shot of the one we removed from sev­eral sites.

Screen­shot of mal­ware javascript

Select the entire script with your cur­sor being care­ful not to touch any­thing else. Delete it and save your changes. Your site is clean again.

WARNING: If you needed these instruc­tions, you are not some­one who should be doing this on your own and we so we wouldn’t nor­mally rec­om­mend you even attempt this your­self. But it’s sim­ple dele­tion so we thought we’d include it here. Even so, if there is any doubt in your mind about whether you should be doing this your­self, get help. If you don’t have a web per­son, con­tact us for help

If you are one of the unlucky ones who have been reported as an attack site, you will need to sub­mit your site to Google for it to be declared clean oth­er­wise vis­i­tors may not be able to access your site for some time.

It may be cleared with­out sub­mit­ting it but it will def­i­nitely take much longer. Post­ing right away and each day for a few days will alert the search engines to spi­der your site and find a clean, mal­ware free site.

Stay tuned for our next posts where we will dis­cuss how to sub­mit your site to Google Web­mas­ter tools for review and what you can do make your Word­Press more secure from this type of an attack.

Any­one who uses Twit­ter fre­quently knows how hard it is to keep up with Tweets.  Not only that, if some­one has posted some­thing and you answer your answer will come as a tweet and not a retweet if you don’t do it right.

One of the best ways to ensure you are reply­ing to a tweet is “Tweet­deck”  http://www.tweetdeck.com/beta/Tweetdeck 

Tweet­deck is a very pop­u­lar appli­ca­tion for run­ning Twit­ter on your desk­top and phone. It has many fea­tures, but one of its best is its one-click retweet­ing fea­ture – hov­er­ing over a pro­file pic­ture pro­vides the easy option for retweet­ing anyone’s tweets – just click the bot­tom left icon.

Here’s is how it looks on my com­puter screen

Tweet­deck is free to down­load, installs quickly but how would any­one get any work done!

Just found One­MinueU thanks to a post from my Face­book friend Adam Urbanski.

At this site you can post a video or arti­cle, or watch a video / read an arti­cle. It is a net­work­ing ser­vice that allows users to cre­ate and post online edu­ca­tional “how-to” multi-media for enjoy­ment, knowl­edge and entertainment.

The Terms of Use is quite long but prob­a­bly worth reading.

Check it out!

http://www.oneminuteu.com/

Jan

Ok so the title may sound a bit strange but let me tell you what happened.

First, any­one that works in my field no doubt has set-up Google Ana­lyt­ics for clients and put cod­ing on their pages. Usu­ally they sign-up and give you their account infor­ma­tion so you can enter the domains and inset the code — right. That’s nor­mally what hap­pens with me.

A cou­ple of weeks ago a client wanted me to set-up his ana­lyt­ics. He wanted me to do this through his Adwords account. In order for me to do this I had to get admin priv­i­leges. That was fine and I set up his sites and put the cod­ing in. No prob­lem, all worked fine. Except when I went to check my own Google Ana­lyt­ics for my sites. Guess what hap­pened — yep!

I went to sign into what I thought was my account and instead I was now signed into his. No sign of my sites. Nada.

Luck­ily my part­ner had orig­i­nally hooked up the account so I could get in and check to make sure every­thing was work­ing. It appears to be, though many of my pages now have no bar and even my over­all page rank has dropped. Does this ‘mix-up’ have any­thing to do with that, I don’t know, not yet.

I have signed up for a new Google account and have per­mis­sions on my own ana­lyt­ics now. I also have a sup­port ticket into Google.

The moral of the story — if you are going to set up Google Ana­lyt­ics for a client always use THEIR login and pass­word infor­ma­tion — not yours.

I’ll keep you posted on what Google says.

A bit wiser this Friday…

Jan