On 17th of June, we got blighted. Apparently, a worm on one of our office machines managed to append an iframe calling a malicious site to the index page of webchutney.com. These buggers lie in wait for an outbound FTP connection and make their move the moment they get their chance. Damn those virus writers!
Google classified us as a ‘site which may harm your computer’, which had us notice the issue and fix it the very same day. The offending iframe was removed from the page, there was an anti-virus marathon, FTP passwords were changed and all Windows machines were denied outbound FTP access for good measure. As of now developers are required to use a VNC connection to a Linux machines for all uploading needs.
Since then, webchutney.com has been very much malware free. Out of paranoia, we’ve been verifying it everyday, and there’s no sign of any fresh infection. A simple view-source on our pages should quickly demonstrate that.
What’s perplexing though is that Google still continues to classify our site as malware. Any number of ‘reviews’ have been requested from both Google’s Webmaster Tools and StopBadware (the company originally supplying the knowhow for this) but to no avail, till now. As irrational it might seem, we even took the extreme step of taking old the website down, in favor of a fresh spanking one which is currently being built. One hopes that the site content changing radically should have some effect. If not, I guess the only solution is to change our website URI.
Google’s dominance over the search engine business means that you get completely screwed over if you get into their bad books. And its quite exasperating to be wrongfully reported by them as a malware facilitator, for ten days and counting. Given that the SafeBrowsing API is now built into modern browsers like Safari and Firefox, this not only screws Seach Engine traffic, even direct visitors get the wrong ideas.
Heck, even the diagnostic page for webchutney.com mentions that malware was found the last time on the 17th, while Google seems to have visited the site many times after that. One expects the search engine overlords to act faster and behave more logically, given the fact that false positives can ruin reputations.
For our part, we can assure you that there’s no malware on any of our websites, and we shall continue to take actions to ensure that it remains so. Search Engine Experts, do chime in with comments with how this problem can be dealt with.
After wishing the problem away for many days, a post simply had to be made. All in all, this is one lesson well learnt. Meanwhile, do look forward to the new webchutney.com. Its gonna be a lot nicer.
Update (June 30, 2009):
- The malware warning has gone (Finally!). Thank you, Google for having mercy.
- The new webchutney.com website has been up since a couple of days. Do check it out if you haven’t already.