It happened Monday morning.
Just as I was getting ready to hit the Publish button after reviewing the guest post for the day, I saw the red screen of death.
It was unnerving, to say the least.
I read, re-read, re-re-read that single paragraph wondering why Google had flagged my website. A quick login to Google Webmaster Tools provided the answer: “Suspected injected code Instance.” Apparently an image in my sidebar linking to Desicritics.org was the culprit.
Google Webmaster Tools also encouraged me to investigate the problem immediately in order to protect my visitors and reassured me that it was probably not my fault. Here is what Google Webmaster Tools said:
Although some sites intentionally distribute malicious software, in many cases the webmaster is unaware because:
1) the site was compromised
2) the site doesn’t monitor for malicious user-contributed content
3) the site displays content from an ad network that has a malicious advertiser
If your site was compromised, it’s important to not only remove the malicious (and usually hidden) content from your pages, but to also identify and fix the vulnerability.
In my case, it was the third scenario where my site was displaying an image linked to another website that had a malicious advertiser. I immediately removed the image and all links to Desicritics.org from my posts. The warning still persisted. I submitted my website for Google to review, but 24 hours later, my site still showed the red warning screen.
I had received many e-mails in the meantime from readers informing me of the “harmful nature” of my site. I thanked everyone and let them know I was looking into it, asking at the same time if someone with Web development skills would volunteer their help.
At work, I didn’t have any time to even think about this problem … which meant spending the evening, well into the night, chatting with a BlueHost representative and taking down my website. (A huge note of thanks to Nick, the BlueHost rep, who patiently instructed me for an hour and a half and served as the calming voice of reason).
As of Tuesday morning, my website didn’t exist.
Just a plain text page informing visitors that First Impressions was undergoing maintenance.
Incessant Googling had resulted in the knowledge that the only way to clean up my website exhaustively was to delete the entire site and rebuild it from scratch.
I’d have to wait another day before figuring out how to resurrect the website.
Tuesday evening was spent deleting all the plugins, uploading the backups (good thing that the BlueHost outage a few weeks earlier had prompted conscientious efforts on my part to backup the website every day), and making sure that all the images I’d uploaded in the course of last year were available and accessible by WordPress. Sounds easy enough, but it wasn’t.
Finally I got everything fixed in the backend last evening — all posts needed to be put under categories, yet again — yes, all 215 of them; all posts needed thumbnails and featured images to work with my design template; and I installed only the plugins I absolutely needed for visitors to have a good reading experience.
And we are back in business — and in Google’s good books — today.
Regular visitors will find some differences in, what I hope is, a clutter-free layout. New visitors might be encouraged to sign up for e-mail updates or RSS feeds featured prominently on the right. And one time readers might stay a little longer to read some other related posts.
The past three days it’s felt like someone was gagging me. That I had completely lost my voice … my platform. I realized how much I needed this site to be alive and well.
This experience also taught me that one can never be “too safe” online. I will not be linking to any external sites just to cross-promote this blog. If it means less traffic to this site, so be it. Also, I’ve installed only those plugins I know are vetted by WordPress and downloaded at least 100,000 times. I have one person to depend on for the health of this website: me. I am the webmaster, the designer, the content generator, the marketing specialist. So, I have to arm myself with information and tools adequately and stay on top of everything website related constantly.
I’m creating a safety net around me, being diligent about backups, and ensuring that readers aren’t clobbered with unnecessary frills on the sidebar or elsewhere. You’re here for the content, and great content is what you’ll get.
That said, here is the guest post from Monday that got buried under all the maliciousness. Dawn’s words helped me remain positive the last 72 hours. I hope they’ll add some positivity into your day, too.
Copyright secured by Digiprove © 2010 Mansi Bhatia
Ahh – when I read the post on Monday, it asked me whether I wanted to proceed beyond the error above. Since I only use my work PC via my work network, I felt comfortable clicking "ok"
….didn’t know you had to go through so much!!!!
Dawn’s post provided a great positive start to the week
Thanks, Shachi. I’m sure Dawn will appreciate your kind words.
Appreciate your being such a loyal reader
My goodness, love, I had no idea all the headaches and frustrations you had to navigate with this! Nothing strikes fear into our hearts more than something of this nature, and I hate that it happened. I’m beyond impressed that you were able to roll with the electronic and spam punches and recover so quickly! Kudos to you for jumping right in and dealing with all of it and then coming out on the other side still holding onto your wonderful Spirit. You’re one of my Shining Lights, you know, delighting me with your words and how you open up my mind to concepts I might not otherwise even contemplate.
Thank you, also, for the kind extra mention of my guest post in the midst of all your dedication to getting your site back up and running smoothly. Your kind nod to me speaks volumes of that wonderful character that I always see blazing so clearly through in your writing.
*Sends Sunshine Hugs your way*
Much love!
~ Dawn
Thanks, Dawn. It sapped me of all my energy and could’ve easily weighted me down, but then I remembered, I have the power to make that choice: to remain positive and focus on how to fix the problem instead of dwelling on the issue itself. Appreciate your spirited writings as always.
Congratulations at getting the site back up and looking great! It’s easy to take for granted how much work goes into creating and maintaining a quality site.
Thanks for the effort!
Thank you, David, for your kind words. I appreciate your taking the time to stop by my site.
Hey,
Sorry didn’t see this before. I work for an antivirus company and probably would have been able to help you. Most people get infected because there will be some small piece of code that will check whether the visitor has any vulnerabilities that can be exploited. Just because your site had links from desicritics.org doesn’t mean the site is infected. It is possible that an advertisement on desicritic was infected. If you make sure that all pieces of code to desicritc was removed, you just need to wait for google to crawl the site again. But if you miss one link, then your site might not pass the test.
Sorry that you had to go through all that trouble. But recently thepiratebay.org and songlyrics too had the same block page, and there are thousands of sites that has to go through the trouble every day.
We get hundreds of people with infections on their computer and that is just a small percentage of people who are infected. So the service that google is providing might be trouble for you, but might save millions of $$ in terms of money, information and data.
Thanks, Sunil. I’m not a techie by training but a techie at heart. It takes me time to understand and resolve issues like these when they happen. Thank you so much for the detailed insights you’ve provided regarding the deep, dark, mysterious workings of the interwebs. I agree that Google is doing this for the greater good and I sure appreciate being protected from malicious websites. Thanks, again, for taking the time.
Quite a scary experience!!
Glad that the blog escaped unscathed.
Thanks, V. It was a nightmare. But all I can say at the other end of it: valuable lessons learned