While browsing your website you can come across error message in your Mozila or Google Chrome web browsers. (fig 01 & 02)
fig 01: attack reported on Mozila Firefox
fig 02: attack reported on Google Chrome
This type of message you can not see on Internet Explorer.
The problem that you have faced due to a code hack done by internet hackers who scans your website using some internet robots and gets hold of the coding and other relevant details about the server like web server version, scripts language and database type. This problem has come into light in recent years and not only your site but many other sites are affected with this problem. The hackers inserts some malicious codes as well as some scripts and iframes that redirect to other sites containing virus for which they don't need any access to the server. These types of infection are called "Cross-site scripting" which operates on the vulnerability in the website and exploits them (like non filtered input in the search/ contact/ login/ any type of submit page). No firewall, antivirus, antispyware can protect this to happen. It can only be stopped by patching up the vulnerabilities in your site.
Affected files — index files in all folders mainly index.html, home.html, default.html or php files or any other html or php files in the website and htaccess file also affected by this kind of codes.This is a platform independent attack and can happen in both WINDOWS and LINUX servers. Samples of affected files are shown below.
Sample of infected htacess file.
Sample of URL insertion in iframe and script tag.
Steps to follow in webmaster tool
Google Webmaster tool URL: www.google.com/webmasters/tools
After login into the Webmaster tools. Add your site.
Now you need to verify your site ownership, click on the Alternate methods to verify your site.
Select the second option "Upload an HTML file to your server" and follow the Instruction. After completing the steps (1-3) click on Verify.
You will get a confirmation message after successful verification. This site may be distributing malware. Click on More details.
Now click on Details to show the exact malware code in the file.
After clean up the site and patching up all the vulnerabilities check the certify box and write some comment and click on Request a review.
You have completed the procedures in Webmaster tool, Google has accepted your request to review the site, it will take 24-48 hours as per Google policies.
If you have any further queries please write to us at the address: support[at]diadem.co.in.
Article ID: 342
Last updated: 07 Jun, 2011