We’ve all had that moment. You know, the one where a friend leans across the table and discreetly whispers “You’ve got something in your teeth.” Instinctively, you cover your mouth and scurry off to the bathroom to fix the problem. A flipbook of social interactions races past and you wonder how many people you talked to while that piece of spinach stole the show and undermined your credibility.
As it turns out, while I’ve been yapping on about paid search and web analytics, there’s been a big, old piece of digital spinach stuck in my blog: malware.
Both Phil Pearce (blog ) and Nick Stees contacted me to let me know they got a malware warning when from AVG, a security program, when they tried to read my site. Instead of my mildly entertaining insights, they were greeted by a big, ugly warning sign screaming: Run Away!
(click to enlarge)
Not exactly the welcome mat, right?
Removing The Malware
Among his many useful tips, Phil pointed me in the direction of Sucuri . They bill themselves as a “provider of web-based integrity monitoring and malware detection solutions.” Or, more amusingly, “In simple terms, we clean up the mess. If your site got hacked, blacklisted or infected with malware, we fix it for you. If your site is clean, we monitor it to let you know if a problem ever happens.” I can personally back up their claim. My site was cleaned within 30 minutes of submitting my ticket, all for $10.
Until this incident, I never know Sucuri even existed and only had a vague familiarity with site monitoring and maintenance tools. It’s a bit like traveler’s insurance: you only really pay attention after you lose your luggage.
I’ll leave the details of how my site got infected and the potential defenses to the long list of tips Phil generously shared (included below). The larger point here is that when we think of measurement, we usually focus on marketing and site experience. Most of our analysis includes metrics that are easily accessible in our web analytics tool and generally understood. Even qualitative data focuses on site level and page level surveys.
But what happens if someone can’t get to your site? You may notice a dip in traffic, but if the segment isn’t big enough, you may not. That was certainly the case with me. I only learned about the problem, because two kind souls followed me on Twitter and took the time to reach out. How many more had an issue before I discovered it? What was the hit to my credibility? I’ll never know.
I took away two lessons:
- If you own the site experience, as a marketer or web analyst, you’re also directly or indirectly responsible for site uptime and security. Typically, this belongs to the realm of IT or webmasters. But, we can empower ourselves with our own tools, like Sucuri, to get alerts before issues spread to epidemics.
- Being easily accessible is valuable. A small number of people would ever both to take the time to track me down and help me with my site. It would have been virtually impossible for them to do that if I wasn’t public (on Twitter as DigitalAlex), participating in the conversation and welcoming of contact (I put my phone number and email address on my profile).
On a final note: My apologies if anyone experienced issues after visiting my site. I’ll try to keep the damage to bad analogies.
Phil’s Tips and Links
You can also try the malware scanner on this site – it can verify the WordPress install is secure – once you have restored from backup (requires login)
WordPress Malware & Media Temple
- Backing up and restoring a MySQL database: http://kb.mediatemple.net/questions/129/
- Hardening WordPress and checking for exploits: http://wiki.mediatemple.net/w/Hardening_Wordpress
- Working with a hacked or compromised server: http://kb.mediatemple.net/questions/1577/
- WordPress Backups: http://codex.wordpress.org/WordPress_Backups
- Database Users on the (gs) Grid-Service: http://kb.mediatemple.net/questions/1650/
- WordPress support - http://wordpress.org/support/topic/421834
WordPress Invisibile Administrator Hack (aka JohnnyA)
- How To Fix WordPress Invisible Administrator Attack – http://www.thinkerati.com/whiterabbit/seo-and-online-marketing/wordpress-invisible-administrator-hack/
- WordPress Permalink Hack – http://www.studionashvegas.com/wordpress/latest-wordpress-hack-check-your-permalinks-people/