False Malware Positives on WordPress Site Results in Slower Traffic

Website Traffic From a Gusher to a Trickle

I have done web development for a very long time. The first web browser I used was Mosaic. I have also been using computers for a very long time; my first computer was an Apple IIe back in 1983, and I am proud to say I have never used a PC running Windows my entire life in my home. I have had occasion to use them at work, which further convinced me I had made the correct choice. 😉 The only reason I mention those two facts is that sometimes people think that Apple users are complacent when it comes to security and malware. I am not one of those people. I take security extremely seriously after having repaired dozens of Windows computers for friends these last decades and seeing firsthand the damage it can cause. One friend lost all her photos of her family, which were irreplaceable. That is very similar to losing them in a house fire.

My new WordPress site here is fairly new. Less than a month old, in fact. I have done my absolute best to secure it by installing no fewer than 3 security plug-ins that were the highest rated, and I followed the advice of many respected bloggers with even more tips on the FTP side. I changed many file and folder names on my FTP and have a username and password that are both filled with lowercase and uppercase letters, numbers, and symbols. I even manually blocked around 85 countries around the world known for hackers, like Russia, China, Ukraine, and many others, to further secure my site and because my content will be largely irrelevant for those audiences. There is no reason for the Chinese equivalent of Google, known as Baidu, to crawl my website every hour, potentially slowing things down.

But then I saw a message on Reddit that made me think all my efforts were in vain. Had all those days and long hours spent reading security blogs, installing, configuring, and tweaking my site to protect against hackers been wasted? The photo below has a link to that conversation on Reddit if you click the photo.

[Image: false positive alert on Reddit]

False Positives Can Lead to Slow Traffic

The above conversation is from the Reddit comment section on a recent article I wrote that I thought would get a lot of comments and views, but it had received almost no views, and in fact my entire website had slowed to a crawl with visitors. Why had all the thousands that had dropped by suddenly slowed down to a handful in the last day or two? I wrote an article called “Are too many counties in Georgia hurting growth” and I submitted it to the r/Georgia section of Reddit. If you have no idea what that means or what Reddit even is, don’t worry. I have been on there a few years and I still don’t understand it well myself. Reddit is an entire sub-culture and they take it very seriously indeed, with terms like flair. But since he claimed my website was blocked by his virus scanners, I had to investigate further, especially given the slowdown in my web traffic.

First Steps to Take with Slow Traffic or False-Positive Malware Reports

The first step any website owner should take is to make sure your site is actually safe. It is certainly possible that those reports aren’t false and your website was compromised, so run some online tests to make sure. I actually used about 5 websites to scan my site, but here are the two best ones in my opinion. The links below show the report for my site, but you can go to the home page and simply type in any URL, whether it is for a site you own or just one you visit, to see the reports. The scan only takes a minute or two.

http://app.webinspector.com/public/reports/23185361

http://sitecheck.sucuri.net/results/gwmac.com

But I didn’t stop there. I also ran malware scans with the WordPress security plug-ins and they also came up clean. There are a lot of plug-ins to choose from. I went with Wordfence, Sucuri Security, and iThemes Security, which might be overkill, and hopefully there are no conflicts between them which can cause other problems. I also followed all the advice each of those plug-ins suggested with other steps to secure my site. Finally, I looked at my logs for any suspicious activity, repaired and optimized my database with PHP Admin, and even updated MySQL to a newer version while I was cleaning house. It was something I had wanted to do, so I used this as an opportune moment to kill two birds with one stone.

Now that I knew my website was clean I felt a little better, but that guy’s comments still bothered me, as did the amount of decreased traffic. Since I only use Macs and do not have any PCs with Windows, there was no way I could install AVG or Webroot to confirm what he said about seeing those warnings. Was he just an angry and malicious troll that knew I would likely spend hours trying to verify what he wrote even though it was a lie? Or what if he was actually sincere and Webroot and AVG were giving genuine warnings? Certainly the sharp decline in my traffic from many thousands a day to just a handful was very troubling and this might be the cause.

Steps to take for a False Positive Report

I immediately went to the Webroot Support page and sent them a quick message asking them to check if my site was listed in their database and to please remove it. I am very happy to report that I just received a favorable reply explaining that indeed it was a false positive and it will take around 2 days to be removed from their list.

I also sent a similar message to AVG since that was the other site the guy from Reddit mentioned, but I have not heard back from them yet. I was curious how and why my site ever made it to that list. Apparently false positives are a lot more common than you think. A few angry readers sending in reports can cause them to flag a new site, and since this is a watchdog site, I have no doubt that, given many of my previous articles criticizing the corruption and ineptitude of certain civic leaders in Georgia along with their benefactors, this is something they would not be above attempting in order to shut me up. I like to think of myself as a modern Internet Renaissance man and have a wide and eclectic range of tastes, which is why you are reading an article about security on a watchdog site, and my next article will be a recipe for preparing Japanese soba noodles, so stay tuned!

As a Mac guy I forget how justifiably paranoid people with PCs running Windows can get and just how many anti-malware programs they could be running. Often they will run too many at once, which ironically makes their PC either more vulnerable or will cause instability and crashes. Sometimes less is more. So if you have 4 or 5 various anti-malware programs running simultaneously, they may be canceling each other out, making you less secure than simply running one.

For any website owners who may experience a false positive on your website, I hope this article will aid you. I suggest you also look at this excellent article with links to all the major anti-malware software and where to report false positives: “How to Report Malware or False Positives to Multiple Antivirus Vendors”.

How to Be Safe at Home

Malware is real and is no joke. It is also a dangerous threat that can lead to identity theft, so it is important to be as safe as you possibly can. Most hackers will simply give up if they can’t hack into your computer quickly and move on to easier prey. Have a security and backup plan in place. A few tips: be wary of public Wi-Fi. Never enter your passwords when you are not on a safe and secure Wi-Fi network, because you never know who is watching. Make sure to use long and difficult passwords with numbers, symbols, and upper and lower case letters. Find an app that can save and store those passwords for you. On Mac OS X, Safari will do this automatically by suggesting a password and saving it in iCloud for you. Make sure to update your software often. It is not only the operating system that needs updates but the applications as well. Adobe Flash is notorious for having critical updates. Don’t open unknown emails and especially any attachments. Don’t click links in emails from your bank or credit cards; type those addresses into your browser manually.

Below are just a few sites I found that give far more detailed information and excellent tutorials on security and data backup for people who use Windows. I am sure you can find many more.

Bleepingcomputer.com (The granddaddy of them all and a great place to start)

How to Secure Your PC

Malware Tips

Top Eight Security Tips for Windows 8

Below are some free online scanners to check if your computer has been infected.

A very knowledgeable friend of mine who works with Windows recommends Kaspersky as the best. I know that both Avast and AVG also offer free versions but have no opinion as to their efficacy.

Eset

Bitdefender

Trend Micro

Kaspersky