Coursera provides continuing education just like Udacity and offer the full learning experience that I am accustomed to, including lesson videos, reading materials, projects, discussion forums, and graded projects which are peer-reviewed. I recently completed the Full-stack Web Development in React specialization from Coursera, all for free. It’s called a specialization because it is made up of three courses below each with their own certifications and which takes 4-6 weeks each to complete: 1. Front-End Web UI Frameworks and Tools: Bootstrap 4 2. Front-End Web Development with React 3. Server-side Development with NodeJS, Express and MongoDB I started the program in December 2021 and finished it in June 2023 however. The intent of this post is to explain how I was able to fund the entire specialization for free. In December 2021, I read on social media that Coursera allowed for one free course per year if you were a student and had an email address from a partner school. I gave my stu
I just finished removing a code-injected malware that blacklisted a website with security providers like Google and Symantec, and it had to be on this Thanksgiving Long Weekend. Nothing makes me more sick that having to deal with this type of cleanup but it has to be done. Our whole household is already sick with cough and flu so this adds to the fun.
I noticed the infection by constant emails from my service provider that my quota was getting exceeded. I know the site is popular but couldn’t be that popular. When I tried to get to the site using Google Chrome browser, I received a ominous red splash screen letting me know that there is malware on the site and that I should only continue if I understood the risks. Fortunately, I had the site registered with Google Webmaster Tools and was able to get a sample of the suspicious code injection. I also ran http://killmalware.com/, http://www.siteadvisor.com/sites/aminsolutions.com, and http://sitecheck.sucuri.net/ against the website to advise me what other sites see as a baseline prior to cleaning up the malware. This is what I had to do, without too much detail so that the hackers aren’t wise to the exact solutions:
• Put the site into maintenance mode, displaying a friendly reminder to clients that this is scheduled;
• If using CMS, update the platform to the latest version, including all security patches;
• Register the website with Google Webmaster Tools to have it tell you what and possibly where the code-injection malware is on the site;
• Search the web site’s file system for the sample malware code snippet returned by Google Webmaster Tools. Sometimes, it is easier to use Notepad++ to search through contents of every file so do this after downloading a copy of the entire web site locally to your computer. If hosted on the cloud, use your favorite FTP client like CoreFTP to download the contents;
• After finding the code-injected malware, remove the malicious code;
• Make sure you prevent future code-injections by following Google’s write-up here https://support.google.com/webmasters/answer/3024344. Specifically look for malicious code that’s obfuscated to avoid detection, e.g. eval (base64 decode);
• Get Google Webmaster Tools to re-review the site to ensure the malware has been removed. Make sure you configure the preferences to email you of any future malware attacks on the site;
• Run http://killmalware.com/, http://www.siteadvisor.com/sites/aminsolutions.com, and http://sitecheck.sucuri.net/ against the website to ensure it passes all the tests.
• After tests pass, deactivate maintenance mode on the website to open it back up to customers.
Gobble gobble gobble. That’s how you serve this turkey to dinner.
I noticed the infection by constant emails from my service provider that my quota was getting exceeded. I know the site is popular but couldn’t be that popular. When I tried to get to the site using Google Chrome browser, I received a ominous red splash screen letting me know that there is malware on the site and that I should only continue if I understood the risks. Fortunately, I had the site registered with Google Webmaster Tools and was able to get a sample of the suspicious code injection. I also ran http://killmalware.com/, http://www.siteadvisor.com/sites/aminsolutions.com, and http://sitecheck.sucuri.net/ against the website to advise me what other sites see as a baseline prior to cleaning up the malware. This is what I had to do, without too much detail so that the hackers aren’t wise to the exact solutions:
• Put the site into maintenance mode, displaying a friendly reminder to clients that this is scheduled;
• If using CMS, update the platform to the latest version, including all security patches;
• Register the website with Google Webmaster Tools to have it tell you what and possibly where the code-injection malware is on the site;
• Search the web site’s file system for the sample malware code snippet returned by Google Webmaster Tools. Sometimes, it is easier to use Notepad++ to search through contents of every file so do this after downloading a copy of the entire web site locally to your computer. If hosted on the cloud, use your favorite FTP client like CoreFTP to download the contents;
• After finding the code-injected malware, remove the malicious code;
• Make sure you prevent future code-injections by following Google’s write-up here https://support.google.com/webmasters/answer/3024344. Specifically look for malicious code that’s obfuscated to avoid detection, e.g. eval (base64 decode);
• Get Google Webmaster Tools to re-review the site to ensure the malware has been removed. Make sure you configure the preferences to email you of any future malware attacks on the site;
• Run http://killmalware.com/, http://www.siteadvisor.com/sites/aminsolutions.com, and http://sitecheck.sucuri.net/ against the website to ensure it passes all the tests.
• After tests pass, deactivate maintenance mode on the website to open it back up to customers.
Gobble gobble gobble. That’s how you serve this turkey to dinner.
Comments
Post a Comment
Thank you for your feedback.