Lately a lot of websites or blogs that hit the web page script injection which resulted in the web is blocked by the browser because detected as Malware. Surely this would be harmful and could reduce the number of visitors on the web / blog. Some examples of malware code that is inserted into a web file that is usually in the iframe tag formats.
If traced the address in the URL in an iframe, then it will not appear anything that domain alias can not be accessed from a browser. And if the web is accessed through a browser that is infected will display a warning message as below,
Attacks that could be called Cross Site Scripting (XSS) attack was likely caused by a bot (program) that randomly attacked several sites to try to enter the FTP password using a combination order (brute force password attack), so if the cpanel password is too easy to like 'love' (without the quotes) then the bot will insert iframe code in the index files in all folders. Or it could be caused by a trojan virus or spyware on your PC that is able to track the FTP password FTP when it is opened the virus which then sends the password information to the server. Another possibility due to hacking attacks by hackers / crackers who deliberately want to break through FTP in any way they could use.
To overcome this injection attack, there are a few tips that can be used
- Upload file reset all web / blog link to the server
- Replace all cpanel hosting and database password with random characters a combination of letters, numbers and characters, if I can change the admin password is also a web / blog
- Add the code , so if there is a script injection, the virus code will be treated as a comment in HTML. But it did not rule out the browser will still detect the malware code.
Or to get rid of Malware can be performed also the following important steps:
- Clean up your Computer with the latest antivirus (required)
- Websites you clean from malware. Here to remember the last time ever done before uploading the files detected as malware last, posting the last article.
- Perform updates on the Google webmaster tools.
To perform the update in google webmaster tools, do the steps - these steps:
- Entered into http://google.com/accounts and login with your user password in google
- Click on the Webmaster tools.
- If you are not the listed sites, add the button "Add a sites"
- Continuing "verify this sites"
- Select "Upload an HTML file" in the Verification method
- Click on Download this HTML verification file and save it on your computer
- Upload a file to the main page of your websites.
- Finally click on verify after successful upload
After the verification process is successful, continue with these steps:
- Click on your domain name in the domain list list Webmaster tools.
- Click on the Labs in the left menu
- Click Malware details
- Follow the instructions to remove malware on your sites from the infected pages.