Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Sucuri Webinar: Understand and Fix Google Blacklist Warnings

918 views

Published on

On Jan 25, 2017, Sucuri Digital Marketing Manager, Alycia Mitchell, presented this webinar as a step by step guide to understanding and fixing Google blacklist warnings.
This webinar provided the knowledge to act fast and get rid of those big red warnings on any website.

Published in: Internet
  • Be the first to comment

  • Be the first to like this

Sucuri Webinar: Understand and Fix Google Blacklist Warnings

  1. 1. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri VALENTIN VESA Brand Evangelist @adspedia
  2. 2. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR • Digital Marketing Manager at Sucuri • Data geek and cybersecurity enthusiast ALYCIA MITCHELL
  3. 3. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri HOUSEKEEPING ITEMS ● We want to hear from you ● Question tab in GoToWebinar ● Tweet @SucuriSecurity using #AskSucuri ● Questions will be answered at the end ● All questions will receive a response ● Video and slides coming in a few days ● Please share this content with other website owners
  4. 4. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Victoria, BC - Canada
  5. 5. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR My Animals • Loki – Blue Nose Pitbull • Moonshine – Lab • Mystic – Cat
  6. 6. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Overview of Sections • What is the Google blacklist? • Why is your site blacklisted? • How to remove website blacklist warnings
  7. 7. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR What is the Google blacklist?
  8. 8. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri
  9. 9. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR 95% Websites lose… ... of traffic when blacklisted
  10. 10. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR
  11. 11. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR 10,000 Google blacklists… … websites per day
  12. 12. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR
  13. 13. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Many website owners only find out their site has been blacklisted by Google when visitors or customers mention it… A monitoring and alerting system will make sure you detect website hacks and security issues before Google does.
  14. 14. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Website Malware Warnings • These warnings appear on your site if: • The website redirects to other malicious websites • Dangerous websites are sending traffic to the website. • Web spam or IOCs were found on the website. • Malicious downloads can harm Google users: • Viruses • Spyware • Rootkits • Ransomware • etc.
  15. 15. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Deceptive Content Warnings • These warnings will be shown if: • Fake pages trick users into entering passwords • Forgery of legitimate login or payment pages • Content that tricks users into disclosing information • Potentially unwanted downloads • Any content that misleads users: • Phishing attempts • Spoofing of legitimate sites • Fake news and malicious pop-ups • Unwanted software • Malicious campaigns on ad networks
  16. 16. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR
  17. 17. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri
  18. 18. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri
  19. 19. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri
  20. 20. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Search Engine Results Page Warnings • These warnings will be shown if: • SEO spam or pharma spam is present on the site • Malicious redirects are detected • Drive-by-downloads • If there is no red warning page showing yet: • Malicious scripts from third-party sites • Malicious iframes from third-party sites • Could be a precursor to blacklisting
  21. 21. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Blacklist Warning Messages • The website ahead contains malware • Danger malware ahead! • The site ahead contains harmful programs • The site ahead contains malware • Reported attack page • Suspected malware site • This website has been reported as unsafe • Deceptive site ahead • Suspected phishing site • Website request forgery • This site may be hacked • This site may harm your computer • Unwanted software
  22. 22. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Other Website Blacklists • There are over 100 other website blacklists. • Antivirus companies, search engines, and browsers. • We detect the top ten: • Google SafeBrowsing • Norton SafeWeb • McAfee SiteAdvisor • Bing Blacklist • Yandex Blacklist • PhishTank • SpamHaus • BitDefender • ESET • Sucuri
  23. 23. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Why is your site blacklisted?
  24. 24. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Google Transparency Report Click the Details link on your blacklist or go to: Google.com/transparencyreport/safebrowsing 1. Click Site Status 2. Enter your website URL 3. Click the magnifying glass icon to scan 4. Review the Site Safety Details and Testing Details
  25. 25. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri
  26. 26. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Reading the Transparency Report Details Site Safety Details • dangerous URLs to note • intermediary domains • redirect behavior • hosted malware • unwanted ads and apps Testing Details • scan date • discovery date
  27. 27. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Scan Using Sucuri SiteCheck Sitecheck.sucuri.net 1. Enter your website URL 2. Click Scan Website 3. Note any malicious payloads 4. Note any malware locations 5. Check the Blacklist Status tab
  28. 28. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR External Scanners vs. Server Side Scanners • Note: A remote security scanner browses your site to detect malicious behavior - but does not have server access. Some issues can not be detected in a browser (i.e., backdoors, phishing, and server-based scripts).
  29. 29. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Other Website Malware Detection Methods Free Website Scans • SiteCheck • UnmaskParasites • VirusTotal • Redleg Aw-Snap • etc. Free Webmaster Tools • Google Webmasters • Bing Webmaster Tools • Yandex Webmaster • Norton SafeWeb • etc.
  30. 30. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Review Google Search Console Warnings 1. Go to Google Webmasters Central: • google.com/webmasters 2. Click Search Console and sign in with your Google account. • Add and verify your site if needed 3. Check the Messages and Security Issues section for details. 4. Note any malware locations or files flagged by Google.
  31. 31. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Check Recently Modified Files 1. Log into your server using an FTP client or SSH terminal. 2. If using SSH, you can list all files modified in the last 15 days using this command: • find ./ -type f -mtime -15 3. If using SFTP, review last modified date column for all files on the server. 4. Note any files that have been recently modified. Unfamiliar modifications in the last 7-30 days should be investigated for malware.
  32. 32. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Compare Core Files - Diff Command (SSH) To check core file integrity with SSH commands: 1. $ mkdir clean 2. $ cd clean 3. $ wget https://official-CMS-example.org/your-cms-version.tar.gz 4. $ tar -zxvf your-cms-version.tar.gz 5. $ diff -r clean ./public_html
  33. 33. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR How to remove Google blacklist warnings
  34. 34. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR sucuri.net/guides Step by step walkthroughs for popular CMS platforms and website security issues. Get Instructions
  35. 35. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Back Up First! Before you start any cleanup process, take a complete backup of your site including: • Server files • Database • Custom files • Log files Get a professional to help if you have concerns.
  36. 36. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Remove Hacked Website Content • Do not overwrite database configuration or custom files. • Restore using fresh copies of your CMS and extensions. • Use the exact same version of core files, themes, plugins, extensions, etc. • Restore from a recent backup • Make sure it has not been hacked too • Remove hacked content from database • Search for backdoors • Test site functionality
  37. 37. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Important Post Hack Steps • Update all website software to patch any vulnerabilities • CMS version • Extensions, plugins, themes… • Server software such as cPanel and Apache • Confirm all user accounts are valid and update with strong passwords • CMS • FTP/SFTP/SSH server accounts • PHP admin panels, cPanel, DB configuration password • Scan all users computers for viruses and malware infections.
  38. 38. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Request Review with Google 1. Log in to Google Search Console: • google.com/webmasters 2. Go to the Security Issues tab. 3. Review the issues listed. 4. Select I have fixed these issues. 5. Click Request a Review. 6. Type detailed information in the box. 7. Click the Manual Actions section. 8. Repeat steps 3-6.
  39. 39. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Waiting Period… •Wait period after submitting request. • Most take a day or two • Some reviews can take up to two weeks. • Manual actions take longer to review • Google is now limiting repeat offenders • Do not try to trick Google • Make sure your site is absolutely clean • One submission every 30 days Note: Sucuri will submit blacklist review requests for you!
  40. 40. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Bonus Round: How to Prevent Blacklisting • Harden your website using official best practices for your platform • File and folder permissions • Rules in custom .htacccess files • Security configurations • Keep your website up to date! • Make regular backups of your site • Use strong passwords and limit permissions on all users • Stay aware of security news and security configuration options • blog.sucuri.net • Use a file integrity monitoring service or extension
  41. 41. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Shared Server Access Can Be Dangerous Cross-site contamination happens when one FTP account has access to multiple websites. One weak site is all it takes. Ask your host if they isolate FTP and SSH accounts for each website on your server. We recommend using a virtual private server (VPS) which isolates your server operating system.
  42. 42. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR Website Firewall
  43. 43. UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR Alycia Mitchell| @artdecotech #AskSucuri WEBINAR • Time for questions! • Tweet us any time with your questions @SucuriSecurity using #AskSucuri • Reach out to Alycia @artdecotech THANK YOU

×