Dear site owner or webmaster of beatyourdepression.com,

We recently discovered that some of your pages can cause users to be
infected with malicious software. We have begun showing a warning page
to users who visit these pages by clicking a search result on Google.com.
Below are some example URLs on your site which can cause users to be
infected (space inserted to prevent accidental clicking in case your
mail client auto-links URLs):

http://beatyourdepression .com/blog/
http://beatyourdepression .com/blog/category/overcoming-depression

Here is a link to a sample warning page:
http://www.google.com/interstitial?url=http%3A//beatyourdepression.com/blog/

We strongly encourage you to investigate this immediately to protect
your visitors. Although some sites intentionally distribute malicious
software, in many cases the webmaster is unaware because:

1) the site was compromised
2) the site doesn’t monitor for malicious user-contributed content
3) the site displays content from an ad network that has a malicious
advertiser

If your site was compromised, it’s important to not only remove the
malicious (and usually hidden) content from your pages, but to also
identify and fix the vulnerability. We suggest contacting your hosting
provider if you are unsure of how to proceed. StopBadware also has a
resource page for securing compromised sites:
http://www.stopbadware.org/home/security

Once you’ve secured your site, you can request that the warning be
removed by visiting
http://www.google.com/support/webmasters/bin/answer.py?answer=45432
and requesting a review. If your site is no longer harmful to users,
we will remove the warning.

Sincerely,
Google Search Quality Team

I checked out some information from stopbadware.com and realized that the static site was OK, but the blog had some problems. I now know why the traffic stats had dropped significantly. Google had dropped the blog posts from its index.

I contacted my hosting company. They were helpful as usual, but they told me that they could not really help me too much without any more specific information from Google.

I knew that dad and I had not deliberately put malicious content on the blog, so I investigated further by checking http://www.stopbadware.org/home/reportsearch with all of the external links that we had on the blog. All of them were found to be clean.

I used the clearing house tool with several of my other sites, including this blog, and they all came up clean until I arrived to another site with the same wordpress theme as the beatyourdepression theme. Therefore I thought that it was possible that the theme itself had been corrupted somehow. However, I found some other sites with the same wordpress them and they all were clear.

I then tried some of my other blogs and found a few more that were earmarked by the clearing house as having badware within them.

It then became apparent that there was a common denominator between the blogs that had badware and those that were OK. The ones that had badware had “Anyone can register” ticked in the membership section of the settings in wordpress. I unticked all of those boxes on the affected sites, although the latest wordpress upgrade (2.5.1) is supposed to fix this problem.

I then had to search through all of the posts for coding that was not supposed to be there. (Go to Manage post and choose html). Much of the bad coding had iframes and something like “<-traffic Statistics” and links to bad sites such as ringphones, casinos etc. It took ages to sift through all of the posts and remove all of the bad code, but hopefully it is all OK now. Note that all of the badware is not visible on your blog for the viewer.

I have asked for Google and stopbadware to check the site out again and I shall have to wait and see how it all goes. I really have to thank them for alerting me about the badware as the last thing I would like is having my readers being affected by it.

I have learnt my lessons. 

So what do I suggest other bloggers to do right now???

1. Upgrade your wordpress (or other type) blog NOW.
2. Remove the tick from “Anyone can register” if that is not totally necessary.
3. Check out to see if your sites have badware on them using http://www.stopbadware.org/home/reportsearch
4. Fix up any corrupt posts or pages by deleting the bad code
5. Tell Google and Stopbadware that your site is now OK again (if there was a problem in the 1st place)
6. Have a nice cup of tea and keep a positive attitude