We were hacked. Bet the thought of it gives you shivers. It sure did me, and more!

As a web designer I use many tools to monitor my site and stats. I signed up for Google Webmaster Tools and was horrified to see a list of keywords that were pornographic AND not on my site. The first question, of course, was where on earth were these coming from.

The next step was to go through every page on the server and check for files / folders that appear suspicious. My main site was fine. What was not fine were archived folders (2) outside of my main site.

I downloaded one of the pages to view the code and saw that there was a script underneath. On further research (Google search) I discovered that these pages were simply jumping off points, due to the script, to actual pornographic sites. But there was my url listed with these awful pornographic words – in Google’s search index.

What I Did Once Found

I removed the files. I created a 400, 403, 404 page stating “PLEASE NOTE: WE HAVE HAD A PROBLEM RECENTLY OF FILES BEING UPLOADED TO OUR WEBSITE THAT WERE NOT CREATED BY THIS COMPANY AND CONTAIN OFFENSIVE MATERIAL. IF YOU ARE LOOKING FOR THESE FILES, THEY NO LONGER EXIST.”

Seeking Extra Resources

My next step was to go to upload an htaccess file loaded with all of words. So we went through all the keywords we had (don’t do this on a full stomach folks) and added to the list and put it up.

How Did This Happen?

It appears that malware has been downloading to unsuspecting websites with a software update.

What Can You Do To Check Your Site?

A good place to start is Google Webmaster Tools and Google Analytics because (increasingly) Google is using the Google Webmaster Tools to inform webmasters of problems with their sites. If you see strange page names being accessed and keywords that do not relate to your site you very well may have a problem. If this is the case contact your hosting company AND check every file in every folder.

Author: Jan Carroll
Article Source: EzineArticles.com
Provided by: Guest blogger

Related posts:

1. Skipfish-Web Scanning Security Tool from Google
   Google has released an open-source Web security scanner called Skipfish that is designed to allow people to scan Web applications for security holes. The tool scans a Web application for...
2. Pause your Google History
   Have you ever used your Google search history? If you are logged into any Google service, Google automatically keeps a history of your search queries ad web activities. According to...
3. Enter the Dragon browser, the more secure Google Chrome
   The open source engine that forms the basis for Google’s Chrome has spawned an ostensibly new browser, Comodo’s cleverly named ‘Dragon’. Internet Explorer might be the most used, Firefox the...
4. Google pulls out of China
   Is this a divorce or separation?  I chronicled Google’s dysfunctional marriage to China last month. This week Google shut down its search service on the Chinese mainland last night after...