Sucuri Webinar: Understand and Fix Google Blacklist Warnings

UNDERSTANDING AND FIXING GOOGLE BLACKLISTWEBINAR
Alycia Mitchell| @artdecotech #AskSucuri
VALENTIN VESA
Brand Evangelist
@adspedia

WEBINAR
• Digital Marketing Manager at Sucuri
• Data geek and cybersecurity enthusiast
ALYCIA MITCHELL

HOUSEKEEPING ITEMS
● We want to hear from you
● Question tab in GoToWebinar
● Tweet @SucuriSecurity using #AskSucuri
● Questions will be answered at the end
● All questions will receive a response
● Video and slides coming in a few days
● Please share this content with other website owners

WEBINAR
Victoria, BC - Canada

WEBINAR
My Animals
• Loki – Blue Nose Pitbull
• Moonshine – Lab
• Mystic – Cat

WEBINAR
Overview of Sections
• What is the Google blacklist?
• Why is your site blacklisted?
• How to remove website blacklist warnings

WEBINAR
What is the Google blacklist?

WEBINAR
95%
Websites lose…
... of traffic when blacklisted

WEBINAR

WEBINAR
10,000
Google blacklists…
… websites per day

WEBINAR
Many website owners only find out their site
has been blacklisted by Google when visitors
or customers mention it…
A monitoring and alerting system will make
sure you detect website hacks and security
issues before Google does.

WEBINAR
Website Malware Warnings
• These warnings appear on your site if:
• The website redirects to other malicious websites
• Dangerous websites are sending traffic to the website.
• Web spam or IOCs were found on the website.
• Malicious downloads can harm Google users:
• Viruses
• Spyware
• Rootkits
• Ransomware
• etc.

WEBINAR
Deceptive Content Warnings
• These warnings will be shown if:
• Fake pages trick users into entering passwords
• Forgery of legitimate login or payment pages
• Content that tricks users into disclosing information
• Potentially unwanted downloads
• Any content that misleads users:
• Phishing attempts
• Spoofing of legitimate sites
• Fake news and malicious pop-ups
• Unwanted software
• Malicious campaigns on ad networks

WEBINAR
Search Engine Results Page Warnings
• These warnings will be shown if:
• SEO spam or pharma spam is present on the site
• Malicious redirects are detected
• Drive-by-downloads
• If there is no red warning page showing yet:
• Malicious scripts from third-party sites
• Malicious iframes from third-party sites
• Could be a precursor to blacklisting

WEBINAR
Blacklist Warning Messages
• The website ahead contains malware
• Danger malware ahead!
• The site ahead contains harmful programs
• The site ahead contains malware
• Reported attack page
• Suspected malware site
• This website has been reported as unsafe
• Deceptive site ahead
• Suspected phishing site
• Website request forgery
• This site may be hacked
• This site may harm your computer
• Unwanted software

WEBINAR
Other Website Blacklists
• There are over 100 other website blacklists.
• Antivirus companies, search engines, and browsers.
• We detect the top ten:
• Google SafeBrowsing
• Norton SafeWeb
• McAfee SiteAdvisor
• Bing Blacklist
• Yandex Blacklist
• PhishTank
• SpamHaus
• BitDefender
• ESET
• Sucuri

WEBINAR
Why is your site blacklisted?

WEBINAR
Google Transparency Report
Click the Details link on your blacklist or go to:
Google.com/transparencyreport/safebrowsing
1. Click Site Status
2. Enter your website URL
3. Click the magnifying glass icon to scan
4. Review the Site Safety Details and Testing Details

WEBINAR
Reading the Transparency Report Details
Site Safety Details
• dangerous URLs to note
• intermediary domains
• redirect behavior
• hosted malware
• unwanted ads and apps
Testing Details
• scan date
• discovery date

WEBINAR
Scan Using Sucuri SiteCheck
Sitecheck.sucuri.net
1. Enter your website URL
2. Click Scan Website
3. Note any malicious payloads
4. Note any malware locations
5. Check the Blacklist Status tab

WEBINAR
External Scanners vs. Server Side Scanners
• Note:
A remote security scanner browses your site to detect
malicious behavior - but does not have server access.
Some issues can not be detected in a browser
(i.e., backdoors, phishing, and server-based scripts).

WEBINAR
Other Website Malware Detection Methods
Free Website Scans
• SiteCheck
• UnmaskParasites
• VirusTotal
• Redleg Aw-Snap
• etc.
Free Webmaster Tools
• Google Webmasters
• Bing Webmaster Tools
• Yandex Webmaster
• Norton SafeWeb
• etc.

WEBINAR
Review Google Search Console Warnings
1. Go to Google Webmasters Central:
• google.com/webmasters
2. Click Search Console and sign in with your Google account.
• Add and verify your site if needed
3. Check the Messages and Security Issues section for details.
4. Note any malware locations or files flagged by Google.

WEBINAR
Check Recently Modified Files
1. Log into your server using an FTP client or SSH terminal.
2. If using SSH, you can list all files modified in the last 15 days using this command:
• find ./ -type f -mtime -15
3. If using SFTP, review last modified date column for all files on the server.
4. Note any files that have been recently modified.
Unfamiliar modifications in the last 7-30 days should be investigated for malware.

WEBINAR
Compare Core Files - Diff Command (SSH)
To check core file integrity with SSH commands:
1. $ mkdir clean
2. $ cd clean
3. $ wget https://official-CMS-example.org/your-cms-version.tar.gz
4. $ tar -zxvf your-cms-version.tar.gz
5. $ diff -r clean ./public_html

WEBINAR
How to remove Google blacklist warnings

WEBINAR
sucuri.net/guides
Step by step walkthroughs for
popular CMS platforms and
website security issues.
Get Instructions

WEBINAR
Back Up First!
Before you start any cleanup process, take a
complete backup of your site including:
• Server files
• Database
• Custom files
• Log files
Get a professional to help if you have
concerns.

WEBINAR
Remove Hacked Website Content
• Do not overwrite database configuration or custom files.
• Restore using fresh copies of your CMS and extensions.
• Use the exact same version of core files, themes, plugins, extensions, etc.
• Restore from a recent backup
• Make sure it has not been hacked too
• Remove hacked content from database
• Search for backdoors
• Test site functionality

WEBINAR
Important Post Hack Steps
• Update all website software to patch any vulnerabilities
• CMS version
• Extensions, plugins, themes…
• Server software such as cPanel and Apache
• Confirm all user accounts are valid and update with strong passwords
• CMS
• FTP/SFTP/SSH server accounts
• PHP admin panels, cPanel, DB configuration password
• Scan all users computers for viruses and malware infections.

WEBINAR
Request Review with Google
1. Log in to Google Search Console:
• google.com/webmasters
2. Go to the Security Issues tab.
3. Review the issues listed.
4. Select I have fixed these issues.
5. Click Request a Review.
6. Type detailed information in the box.
7. Click the Manual Actions section.
8. Repeat steps 3-6.

WEBINAR
Waiting Period…
•Wait period after submitting request.
• Most take a day or two
• Some reviews can take up to two weeks.
• Manual actions take longer to review
• Google is now limiting repeat offenders
• Do not try to trick Google
• Make sure your site is absolutely clean
• One submission every 30 days
Note: Sucuri will submit blacklist review requests for you!

WEBINAR
Bonus Round: How to Prevent Blacklisting
• Harden your website using official best practices for your platform
• File and folder permissions
• Rules in custom .htacccess files
• Security configurations
• Keep your website up to date!
• Make regular backups of your site
• Use strong passwords and limit permissions on all users
• Stay aware of security news and security configuration options
• blog.sucuri.net
• Use a file integrity monitoring service or extension

WEBINAR
Shared Server Access Can Be Dangerous
Cross-site contamination happens when one
FTP account has access to multiple websites.
One weak site is all it takes.
Ask your host if they isolate FTP and SSH
accounts for each website on your server.
We recommend using a virtual private
server (VPS) which isolates your server
operating system.

WEBINAR
Website Firewall

WEBINAR
• Time for questions!
• Tweet us any time with your questions @SucuriSecurity using #AskSucuri
• Reach out to Alycia @artdecotech
THANK YOU

Sucuri Webinar: Understand and Fix Google Blacklist Warnings

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Andere mochten auch

Andere mochten auch (18)

Ähnlich wie Sucuri Webinar: Understand and Fix Google Blacklist Warnings

Ähnlich wie Sucuri Webinar: Understand and Fix Google Blacklist Warnings (20)

Mehr von Sucuri

Mehr von Sucuri (16)

Kürzlich hochgeladen

Kürzlich hochgeladen (11)

Sucuri Webinar: Understand and Fix Google Blacklist Warnings