So, imagine my surprise when I got an e-mail from Google the other day that said, "We recently discovered that some of your pages can cause users to be infected with malicious software. We have begun showing a warning page to users who visit these pages by clicking a search result on Google.com."
Malware? Warnings? Bah, humbug!
I went through, found the offending script that had been added to the HTML code of a million pages (or so it seemed), changed my password and uploaded script free versions of the page files. I don't operate a gigantic web space or anything -- but I'm knocking on 500mb and I'm just one guy with some software held together by duct tape.
Everything ran smoothly for a couple of days until Google knocked on my door again. Um, yeah. The unwanted visitors were back. It seems that even though I try to play it safe and use protection, I contracted myself an FTP trojan horse on our desktop. Once it obtained my password and played its game, I changed the password, it obtained it again and set up round two. For the record, this will ruin the holiday spirit faster than Cousin Eddie dumping his shit tank into your storm sewer.
I've since run an anti-malware program from Malwarebytes that picked up on things that Norton and McAfee overlooked. I guess the next step is to restore the web site. My host keeps a 14- or 21-day archive of the web site online, but I can't restore from any of those files because many of them are poisoned, too. So, it looks like I'll be going through folder by folder uploading from the desktop once I feel I'm safe on this end.
In the meantime, I've got a little birthday cash on hand. What does everyone recommend for modern web design and file transfer software? It's time I step into the 21st century.
ETA: JohnDoe.Org is on a separate account and appears to be perfectly healthy. By looking at the dates of the last updates over there, it seems abstinence really is the best policy.