Archive for the ‘SEO’ Category

Your Website Got Infected with Malware? Get Sucuri!

Tuesday, November 29th, 2016

So you woke up to day and found your website like this?

Yeah… it can be a pain. Not only your website is not working. It is also being blacklisted by Google.

Basically your website has been tempered with and now contains malicious snippet of codes for your website visitor. Because of that, Google blacklists your website and also browsers prevent users from opening them.

How did it get to this?

Well, there are many ways. First, maybe there are PHP scripts in your website that is not secure and provides opportunity to attacker to come and temper with your website. I have heard of cases where people download PHP scripts from “alternative” sources, avoiding payments. This maybe PHP scripts, WordPress plugin or themes, and many more.

And the guy that provided the download actually added some of his code in there which will allow him to do things on your website. What could this be? Well, maybe capture visitors’ information, replace your page with a different one, send spam emails from your servers… the possibilities are endless once they have access.

It could also be that your website was actually hacked. How, well, again… numerous ways.

Another way that I discovered on how this could’ve happened is with a technique among hackers called “domain jumping”. You see, normally each website on a server has its own folders. A malicious script on the server could potentially trigger a command to see what are the available folders and start going into them one by one and infecting websites. When something like that happens, it is the web hosting company’s responsibility to fix them. But then again, you can’t really rely too much on them. It is better you take your own steps to fix this.

Sow What Do I Do Now?

I got this problem some time ago. And it was really a pain. I cleaned it all up myself. I downloaded EVERYTHING from the server. It was almost 1GB in size for everything. That took a long time. And then, I had to go through every PHP file to check what’s inside. There were thousands of files, over 10,000.

After a few files, I could see a pattern. And it is not one pattern. There are several. From what I can gather, I am not infected once, but by many types of malware. The goal is to remove the malicious codes from your PHP files. Seeing the pattern, I wrote a simple script that would crawl my downloaded website, open PHP files and check the content, trying to find codes that match the pattern for malicious codes that I found earlier.

The huge pain was when I found new patterns. And when I do, I would have a to update my script, or write a new script to crawl and fix all PHP files again. I think I ran my script maybe like 10 times through all the PHP files that I download.

You would also have to find “newly” create PHP script, that was created by the infected PHP script. These new PHP files are actually backdoors created for the attacker. Sometimes it is hard to find these backdoors as their name looks very much similar to your normal php script. For example, it could be like config.php or settings.php, or it would be mimicking an actual important file. So you can’t simply just delete it. You would need to check them, find out and be really sure before deleting them.

When you are done, of course, there uploading work again. Just how you download them, it would take just as much time to upload them back again. Most internet has different upload and download speed, where upload speed is much lesser than download. That is what my ISP has for me. So this time, uploading takes a lot longer than download.

At first, I thought I did a good job after almost a week, day and night, fixing it. But then, the problem reoccurs. And all that my web hosting knows is to shut down my website. It appears I missed a few things. So I did this process all over again. Download, fix, scan, find, delete, upload …

At times, I think perhaps the web hosting is the problem. It could be that domain-jumping thing… maybe other people’s website on that same server was infected. And the script can scan and crawl from folder to folder infecting other websites in the server. But of course, the web hosting would deny this.

Don’t Forget Submitting a Review for Google Webmaster

Oh yeah … after all that, your website may still be blacklisted by Google. What you need have your website added to the Google Webmaster panel. And then you need to submit for a review by Google. They will deploy their bots to check your website. And if everything is OK and clean, they will remove you from the blacklist.

More on Google Review here

In the end, I moved my website to another web hosting. But now, I found out about a service that can take care of this much faster, easier — just that you would have to pay for it. But even so, it wouldn’t have take much painstaking time on my hand. The service is Sucuri.

$299 To Fix Your Malware Infected Website, With Active Monitoring And Re-occurrence Clean Up For One Whole Year. Your Website is Already Infected? No Problem! No Extra Charge.

At first I thought Sucuri acts like an insurance — They don’t cover pre-existing conditions. But no! They take it all in. Whether you are already infected or not, the price is the same. And even if your website is not infected with malware, Sucuri will proactively monitors and prevents it.

How does it work?

If you are already infected, just subscribe and follow their guide on how to submit for a cleanup.

After that, for active prevention and monitoring, you have to update your DNS to divert traffic via their network and servers before going to your website. This will act like a firewall for your website where Sucuri will prevent attacks, such as DDoS, hack attempts and more.

If the firewall fails to prevent it, and your website is infected with malware, just submit a ticket to get your website cleaned up.

I think Sucuri is definitely a friend you want on your side, if you want to avoid wasting time and money fixing it, submitting for Google Review and also not to mention the amount of money you’ve lost due to downtime. If you run an e-commerce, that could mean thousands of dollars of lost sales. Or if you run a blog, that is also advertising revenue lost.

Anyway, I hope you will check out Sucuri. Setting up Sucuri may get slightly technical with DNS, FTP and what not. If you get Sucuri via my affiliate link, and you need help setting up your Sucuri, just get in touch with me via the comments. I will do my best to help you with it.

11 Powerful Free Link Building Tactics

Saturday, March 28th, 2009

I am building some new sites and generating traffic with SEO. This is kinda my little experiment. My aim is to build a website with $200 budget, outsource all that I can and make it profitable in 90 days. I have two websites up and running right now. I just completed them. Just got started with some SEO.

You know that when it comes to SEO, there’s only three important steps – One, keyword research. Two, website optimization. Three, link building. I am at number three right now. And I discovered 11 different ways to get powerful links coming back to your website — for free.

Article Marketing

I am sure you know this one, right. You write articles and distribute them to article directories. There are hundreds (maybe thousands) of article directories on the Internet. You can submit to them all or at least submit to, and

Link Directories

Well, there are more link directories out there than there are article directories. Getting your website on these article directories sure is an easy way to build backlinks. Some of these directories have high Pagerank, which will help in search engine spider crawls and indexing. Simple searching for “link directories” will give you a lot of options. You may need to prepare some basic info about your site because you are going to need them a lot when you start to submit your website to these directories.

Social Bookmarking

Social bookmarking sites allow you to share and recommend your favorite sites with others. Who said that the sites has to be other people’s site? You can bookmark your own sites. You can also expect some viral traffic if your site contains really great content that others would appreciate. And because of that, those really good content you have on your blog, make sure you bookmark specifically those pages, not just the main page website. Some social bookmarking sites are like Digg, StumbleUpon, Reddit, BlinkList, Furl. You can use to help you bookmark your website to more social bookmarking sites faster.

Blog Comments

Yep, you can simply go to other people’s blog and leave your comments there. There are many high PR blogs and does not use the nofollow tag. And even if they use nofollow, remember, MSN and Yahoo don’t care about those… You can still rank well and get traffic from Yahoo and MSN even the blog uses nofollow. When I started Googling around, I found some directories that list out blogs and does not use the nofollow tag. That’s a good place to start looking for blogs to comment to. And make sure you make insightful comments and not to just blantantly promote your site.

Submitting Videos

This is simple. Create and upload videos. One video can be submitted to many, many video sites. You know, YouTube, Metacafe, Viddler, etc… And don’t tell me that videos are hard to create. Just use the free photos from, your website screen shot and the free video editing software in your computer – Movie Maker or iMovie. If you have Camtasia, you can use that too. And your video doesn’t have to be long. 1-2 minute is good enough. And the best part, you can link back to your website.

Now, on with some more interesting tactics…

Profile Pages

Not many really know about this. There are many high authority websites that accepts user registrations. And each user will have their own profile page. Another interesting thing is that you can link to your website from your profile page. Just some that I can list out right now…,,,… and also VBulletin powered forums.

RSS Directory

Just like Link Directories, there’s also a type of directory where you can submit your RSS feed URL.

Software Directory

This may sound unrelated, but you can always create some kind of software for your site. There’s this thing called PAD file, where it contains info about your software. What you need is a PAD file creator, and then just use a PAD submitter and you are all done. As for the software, you can create application as simple as compiling a 1-page website into an EXE application.

Satellite Blogs

Instead of getting other websites to link to you, why not just build those yourself. One article is all that you need and you can build blogs on,,,, and many more…

Social Pages

This is where you create pages on websites like Squidoo and HubPages. The ultimate is where you can get a link from Wikipedia.

Forum Posting

Quite similar to blog comments, but this time you participate in forums. Just like doing blog comments, I recommend that you participate in the conversion and share something of value. And lastly, I recommend that you link only from your signature.