Tuesday, February 17, 2015

No, this site isn't hacked

No, this site has not been hacked just yet.

An alert reader noted that when you google "Living Stingy" you get the following hit:

Living Stingy
This site may be hacked.
This seems alarming at first.  But when you click on the link "this site may be hacked" it takes you to Google Webmaster tools, which gives the following information:

How to remove the message if you're the site's webmaster

The "This site may be hacked" notification will not be removed until the webmaster of the site takes action.
Try these steps to fix your website:

  1. Register and verify your site in Google’s Webmaster Tools.
  2. Sign in to Webmaster Tools and check the "Security Issues" section to see details of sample URLs that may be hacked. Fix the security issue that allowed your website to be infected. Otherwise, your site is likely to be reinfected.
  3. Read our resources for hacked sites for detailed information on how to fix your website.
  4. Request a review in the Security Issues section in Webmaster Tools when your entire website is clean and secure. After we determine your site is fixed, we'll remove the "This site may be hacked" notification.
Sadly, when you go to the "Security Issues" section of the site, I get:

Security Issues

Currently, we haven't detected any security issues with your site's content. If you want to learn more about security issues and how they could affect your site, review our resources for hacked sites.

However, if you see a malware warning in the browser when navigating to your site, it's likely that your site is referencing code or content from another domain that has malware. Read up on cross-site malware and learn how to address it.

Thus, it appears that Google (or its bots) is determining that some link I put into one of the 2500+ postings I have on this site, now may be linked to a hacked site - which may include links to images or old hyperlinks from years ago.
But to remove this "this site may be hacked" message, I have to go through a number of hoops, including proving ownership of the site, finding the offending URL (if any) from all 2500 postings (!!!!) and then going to Google, on bended knee as a supplicant, asking that they pretty-please remove this "this site may be hacked" notation.

Quite frankly, this seems like an enormous amount of work to do.   If anyone knows which URL they are referring to, I can remove it.   But failing that, I will just have to be on the lookout for it, if I see it in an older posting.

One of the tools Google recommends using sitecheck.sucuri.net.  When I run this, I get:

Status: No Malware Detected by External Scan. Additional Actions Recommended!
Web Trust: Not Currently Blacklisted (10 Blacklists Checked)

Scan Result Severity Recommendation
Malware Not Detected Low Risk
Website Blacklisting Not Detected Low Risk
Injected SPAM Not Detected Low Risk
DefacementsNot DetectedLow Risk

But, hey, for $199 a year, they will "clean up my site" for me.  Very Interesting.   Stay Tuned.

UPDATE February 22, 2015:  As mysteriously as this message occurred, it disappeared.  The site is no longer listed as "hacked".

Thanks to those with helpful suggestions!