You’ve probably been there before. You’re checking webmaster accounts, you see there’s a new message and when you check it. Bam! You get the following message:
If you’re like me, an alert like this causes a lot of stress. Lots of scary thoughts run through your head. Everything from how badly your organic visits are going to plummet to how are you going to respond to the inevitable angry call from the client.
Going through this process helped me better understand the process of getting a malware notification removed. And there were some things that really surprised me. The goal of this post is to outline the steps I took so that I might help others who have been impacted by a Bing Malware Notification (please note: this is my first blog post to SEOmoz)
Find the Malware, Obliterate it, and Re-evaluate
My first step was to talk to the site’s developer. I explained the problem and asked him to look through the site to see if he could identify any malicious code. He found it and cleaned it up.
Now that the site was clean, I logged into Bing Webmaster Tools and completed a Malware Re-Evaluation Form http://www.bing.com/webmaster/help/malware-re-evaluation-e6982183. This process is fairly straight forward, and requires some basic information including:
The Waiting Game
On the re-evaluation form, Bing tells you to be patient because it can take up to four weeks to get re-evaluated. So, I put a note in my calendar to check Bing for updates and did the only thing under my control: wait.
Every week for six weeks, I check Bing Webmaster Tools, yet the Malware alert never disappears. I figure that Bing must have missed something, so I resubmit the re-evaluation form and wait some more. After 10 weeks, I still am not seeing it resolved. I check with the developer to make sure that the malware is truly removed, and indeed it is. I was stumped!
The Problem Wasn’t only internal, it was External
As it turns out, SEOmoz came to Milwaukee to celebrate Mozcation. In addition to an exceptional event, Mozcation gave me the opportunity to pick the brain of Rand Fishkin. Rand had some connections at Bing and asked me to send to him the website’s address, which I did first thing the next morning.
Within an hour, Rand got back to me with an answer from Duane Forrester, Sr. Product Manager at Bing, who told us to check the site’s outbound links for malware. I checked them and found that two of the outbound links connected to Malware. I removed the links and submitted another re-evaluation form. Within a week, the alert disappeared!
How to Check Outbound Links
Use scanning software, such as Screaming Frog http://www.screamingfrog.co.uk/ or Xenu Link Slueth http://home.snafu.de/tilman/xenulink.html to identify the site’s external links.
Export the documents to a csv
Take each URL and put it into a malware detector. This can take some time if you’ve got a lot of external links. Therefore, I recommend starting with any URLs that have error codes, like those seen below.
The malware detector I use is http://sitecheck.sucuri.net which is free. I’ve included screen grabs below.
Summary
Before I tackled the malware issue on Bing, I thought it was just a matter of making sure my sites were clean. I now realize that it is important to look not only at my site but also the sites in which I’m linked. This was a great lesson for me. Now, the next time I receive a malware warning, I’m confident that I’ll feel less stress and have a good game-plan for attacking and fixing the problem. Hopefully, this post will help you as well.
Please feel free to share your thoughts.