1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Help my site is mark as "This site may harm your computer" !

Discussion in 'BlackHat Lounge' started by esi0411, Sep 29, 2016.

  1. esi0411

    esi0411 Registered Member

    Joined:
    May 22, 2010
    Messages:
    99
    Likes Received:
    6
    hi bhw

    my site is mark as "This site may harm your computer" but unfortunately is copyright content (movie streaming)

    how do i solve this?

    now i try to contact hosting ,

    any one experienced with this, specially with blackhat site?
     
  2. Fragmaster

    Fragmaster Jr. VIP Jr. VIP

    Joined:
    Apr 3, 2016
    Messages:
    678
    Likes Received:
    994
    Gender:
    Male
    I had that problem in past with free hosting. They are always shared, and if any site on server is flagged as malicious, all sites hosted on same server will be tagged as dangerous (sometimes just that IP, sometimes entire IP class)
     
    • Thanks Thanks x 2
  3. esi0411

    esi0411 Registered Member

    Joined:
    May 22, 2010
    Messages:
    99
    Likes Received:
    6
    my site is not in free hosting, but in shared host , now hosting is scanning my account

    just afraid it cannot back to normal since it movie streaming site, it need 9 months hard work to get traffic and now it drop
     
  4. Sherbert Hoover

    Sherbert Hoover Jr. Executive VIP Jr. VIP

    Joined:
    Dec 26, 2010
    Messages:
    997
    Likes Received:
    8,030
    Occupation:
    ORM - Branding - Content
    Location:
    United States
    Home Page:
    Ah yes, movie streaming sites. You're fucked now, buckaroo. You may want to focus your efforts on a niche that is a little more lasting.
     
    • Thanks Thanks x 1
  5. milwood26

    milwood26 Newbie

    Joined:
    Nov 29, 2014
    Messages:
    19
    Likes Received:
    7
    Occupation:
    IM
    Location:
    USA
    Home Page:
    make sure your url is "http" and not "https"
     
  6. Rahulraj9674

    Rahulraj9674 Junior Member

    Joined:
    Aug 17, 2016
    Messages:
    155
    Likes Received:
    26
    Gender:
    Male
    Go for a reputed hosting service like godaddy or hostgator as they keep cleaning malicious content from the server and keep them clean.. You may try vps and make sure you are not using any nulled theme or template as most of the time they contain malicious links in the code.
     
  7. esi0411

    esi0411 Registered Member

    Joined:
    May 22, 2010
    Messages:
    99
    Likes Received:
    6

    how do i change it, in my wordpress it had set to http://www.
    [​IMG]

    and i just add in to googlewebmaster , google detect with http, https, www and without www
    [​IMG]
     
  8. Capo Dei Capi

    Capo Dei Capi BANNED BANNED

    Joined:
    Oct 23, 2014
    Messages:
    754
    Likes Received:
    1,732
    Are you using a crappy ad network? Many of them have 1 or more ads that may have malware.
     
  9. esi0411

    esi0411 Registered Member

    Joined:
    May 22, 2010
    Messages:
    99
    Likes Received:
    6
    i just using adcenter, but i see big movie streaming using this network , and they all fine
     
  10. Zwielicht

    Zwielicht Moderator Staff Member Moderator Jr. VIP

    Joined:
    Aug 31, 2013
    Messages:
    6,569
    Likes Received:
    11,716
    Gender:
    Male
    Occupation:
    Private Investigator
    Location:
    Riverside, California
    Home Page:
    You just gave me an idea for a much needed service around here.

    Anyway, you need to download all of the sample URLs and check each and every one of them using the "Fetch and Render as Google tool". If Google sees something different than your visitors, you have a problem. Scan your site for malware using Wordfence or Sucuri and try to find out if those programs detect any malware.

    Like @Fragmaster said, sometimes when one site gets flagged on a shared host, the other sites will get flagged as well. However, if the sample URLs turn out to be real pages on your site that have been affected, then the problem is most likely your website.
    If you can't edit it there, I believe you can change it manually from your wp-config file.
    Canonicalisation issues! You need to register the www, non-www, http, and https versions of your website and set all of them to the preferred domain. You also need to use that preferred domain in your internal links as well as ensure that your the other URL variations direct to the preferred domain.

    I noticed you sent in a panic appeal. You should've waited a bit longer to send in an appeal. I typically send in information regarding site scans, what I did to resolve the issue, and what steps I took to secure the site even further. Whether or not doing this matters is up for debate, although my appeals never get rejected.
     
    Last edited: Sep 29, 2016
  11. esi0411

    esi0411 Registered Member

    Joined:
    May 22, 2010
    Messages:
    99
    Likes Received:
    6
    will install Wordfence and do a scan , well i know nothing about Canonicalisation but i will try consult with my hosting and get SSL. iam suspect this canonicalisation is the issue and the ads/CPA network thats put PPD for third country
     
  12. Zwielicht

    Zwielicht Moderator Staff Member Moderator Jr. VIP

    Joined:
    Aug 31, 2013
    Messages:
    6,569
    Likes Received:
    11,716
    Gender:
    Male
    Occupation:
    Private Investigator
    Location:
    Riverside, California
    Home Page:
    Visit your website and go to the HTTPS and HTTP versions of your website. When you go to whichever URL you don't normally use, is that URL accessible, or does it redirect to the one you use?

    The page below will tell you everything you need to know.
    https://support.google.com/webmasters/answer/139066?hl=en
    Other resources you need to read:
    https://moz.com/learn/seo/canonicalization
    https://www.mattcutts.com/blog/seo-advice-url-canonicalization/
     
    • Thanks Thanks x 1
  13. Conor

    Conor Jr. VIP Jr. VIP

    Joined:
    Nov 7, 2012
    Messages:
    3,538
    Likes Received:
    5,856
    Gender:
    Male
    Location:
    South Africa
    Home Page:
    A lot of replies in this thread are just wrong. Your site got hacked. Install GOTMLS and iThemes Security, and use those to unhack and secure your site.
     
    • Thanks Thanks x 1
  14. esi0411

    esi0411 Registered Member

    Joined:
    May 22, 2010
    Messages:
    99
    Likes Received:
    6
  15. ziplack

    ziplack Supreme Member

    Joined:
    Feb 18, 2010
    Messages:
    1,278
    Likes Received:
    646
    Location:
    BHW
    2 things
    1 - google has recibe to many complains of your websites and they need to taken down that way (it happens to torrents sites.)
    2-your website its hacked and there is a malware on it and it needs to scan and removed
     
  16. Zwielicht

    Zwielicht Moderator Staff Member Moderator Jr. VIP

    Joined:
    Aug 31, 2013
    Messages:
    6,569
    Likes Received:
    11,716
    Gender:
    Male
    Occupation:
    Private Investigator
    Location:
    Riverside, California
    Home Page:
    All right, that's good. Don't worry about enabling SSL right now, worry about removing the malware first.

    Back to the hacked site problem, did your web host ever get back to you when you contacted them? Also, did you upload Wordfence/Sucuri/iThemes and use it to scan your site?

    I don't like Sucuri's external scanner, but here the results if you're interested. https://sitecheck.sucuri.net/results/www.watchonline.red
     
    • Thanks Thanks x 1
  17. esi0411

    esi0411 Registered Member

    Joined:
    May 22, 2010
    Messages:
    99
    Likes Received:
    6
    hi Zwielicht

    after a install and scanned with Wordfence, i found a weird script before close of head and all my theme in that domain had that script, download same, frees theme and compare, the frees one dont had that script, one fore sure . the script contain hxxxp://hcl.gr that also mark as malware site

    and i had removed it now,
    btw the hosting support report with not virus/malware detected after do a scan

    [​IMG]
     
  18. Zwielicht

    Zwielicht Moderator Staff Member Moderator Jr. VIP

    Joined:
    Aug 31, 2013
    Messages:
    6,569
    Likes Received:
    11,716
    Gender:
    Male
    Occupation:
    Private Investigator
    Location:
    Riverside, California
    Home Page:
    Did the web host mention if there was any malware before the scan, though?

    I can't read php well, but assuming that was the cause of the problem, your next step would be to find out how the script got into your site and if the hacker left any backdoor scripts in one of the files in order to get back in.

    Read through the guides below.
    https://codex.wordpress.org/FAQ_My_site_was_hacked

    https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

    If you have any backups from a time before your site was hacked, you can try restoring your site that way and then securing it. Also ask your web host if any other sites on the same server were compromised.

    What I did for one client was completely wipe everything from their server and rebuild the site from scratch. It was an extreme case where the site had been hacked for years, so I salvaged what I could, rebuilt the site, and the site hasn't been hacked since.
     
    • Thanks Thanks x 1
  19. esi0411

    esi0411 Registered Member

    Joined:
    May 22, 2010
    Messages:
    99
    Likes Received:
    6
    i just ask for virus scan for my account, after they do a scan they said no anything found AND i no have any backup,

    after i check my other domain (in same web host account) all my site had that script and in same spot, and one more site is get mark "This site may harm your computer"
     
  20. duomaxwell

    duomaxwell Newbie

    Joined:
    Oct 8, 2015
    Messages:
    34
    Likes Received:
    13
    You definitely got hacked. It looks like from the script you posted above it was performing some sort of session hijacking. The script was pointing to that hcl site.
    Also, using WordPress for anything is quite risky. If you have any programming skills, just build yourself a simple CRUD style site using a popular web framework, and you'll be infinitely more protected than what you're currently using. I'm also in the movie niche. Just out of curiosity how much are you making per day?
     
    • Thanks Thanks x 1