Nuke that website!
It all started with a colleague saying she got a strange notice when she visited our VisualsSpeak website. Then she called her web guy, who came and cleaned something off her computer. That’s how the summer started. I upgraded the software on the backend and did everything I knew how to do.
Have you noticed how vague this is? So now you know how it has felt.
While I was totally occupied with learning how to communicate over technology across cultures, Google sends me an email. Is it real? Or is it another phishing scheme? It sounded pretty dire:
We recently discovered that some of your pages can cause users to be
infected with malicious software. We have begun showing a warning page
to users who visit these pages by clicking a search result on Google.com.and it goes on
If your site was compromised, it’s important to not only remove the
malicious (and usually hidden) content from your pages, but to also
identify and fix the vulnerability. We suggest contacting your hosting
provider if you are unsure of how to proceed
Hidden content on a WordPress site. Great. I know there is a database involved somewhere? So into the other side of the tech world. A place where they speak in tongues and letters. Since Google suggested contacting our host, we sent an email off to Bluehost. Their response?
The content of your site is your responsibility. We do not provide support for coding, development, or design. If your site has been hacked, you will need to consult a developer to resolve the issue.
Any hints? What kind of developer? Developer of what? We have no context. What do you type into Google to find such a person? What do you ask them for?
We are getting emails from our customers and collegues. Some people can get on the site, others are getting dire warnings about their computers being destroyed by our site. Not so good for PR.
Back to Bluehost. Do they know any developers? Yes, they refer us to edynamo.com Let’s just say they took our money and after 18 days have done nothing. Not happy.
Desperate acts come from not knowing what else to do.
Today we are just ripping down the whole site. Having Bluehost remove it completely from their servers. It will take down all our email and everything else. And we’ll start over. Then we’ll have to convince Google we have it taken care of so they remove the dire warnings from our site.
Biggest lessons?
- people who are not experts in what you do don’t know the language you speak
- search is great, but useless if you don’t know what to enter
- there are a lot of different kind of developers, I still can’t tell them apart
- there is a huge gulf between the tech side and the user side of technology
- being a fairly savvy user means nothing when there is another kind of problem
- never take a customers money if you can’t deliver (this one is a review for edynamo.com – NOT recommended)
- we should try to meet people who understand how to fix viruses, malware, trojans, worms etc
How do customers talk about the problems they are trying to solve?
Never once during this period did I say I was concerned about a malware injection attack. If that is even what I should have been concerned about. And when I googled malware, I got sites on how to remove it from my computer not my website. I never figured out what would get the results I needed. I did get pages of what I think were code? With instructions that made no sense at all to me.
What did I say? At least the things that are fit for print:
- My site is a mess and I don’t know why.
- Malware, what do I do?
- What do I do with a broken blog?
- Help, I’m infecting my customers!
Important
If you have visited our VisualsSpeak website this summer and do not have up to date virus software installed on your computer, you should run some kind of checker/detector program. I’d like to be able to guide you to resources, but honestly I still don’t understand this whole thing. Perhaps someone who does will leave some resouces in the comments?
Ooh, that warning on your site sure doesn’t make it very appealing. I would use your twitter network and find someone you trust to recommend a trusted advisor on these things. I use WordPress as well, but have it hosted locally by folks I know personally. My data are too important to mess with. I also know where the server is.
These guys, on the West Coast, are good and reliable and might be able to help you:
http://funnymonkey.com/
Ask for Bill.
Gosh, what a mess. Good luck for the big sort-out!
kia ora Christine!
I am shocked to learn of the trouble you’ve had with your site and the bother with sorting it out! I hope things straighten out for you Christine!
I met up with a blogger who knows you well, Nancy White, who says, “Hi!” I spoke to her at lunch, after her stunning keynote at the DEANZ Conference in Wellington, NZ.
I like the pic, by the way. It is so 20th century! But then, so am I
I will run a smorgasbord of Spybot, Norton and Symantec after this
What’s for dessert?
Ka kite
from Middle-earth
I’m so sorry to hear about your attack. It seems so senseless. Hope you can resolve it soon.
Betsy
Just mentioned your problem to my next door neighbor. Have you checked with the domain that provides you with your URL name? He thought that someone might have put a redirect to point people to a totally different web site.
For what it’s worth… Good luck!
Thanks all for the ideas and support. Really helped to know you were all out there while I was pretending to know what to do.
We have been cleared by Google, and the nasty warning has been removed since we are no longer transmitting badware. We even got our money and an apology from edynamo. Things are looking up.
Always update your blog software!