Register reply to me:
<hr />Gentile cliente,
Le confermiamo che i nostri server risultano in totale sicurezza e non sono presenti redirect server-side. Le confermiamo inoltre di aver ricevuto altre segnalazioni di questo tipo, anche per siti non ospitati sui nostri server. Stiamo pertanto cercando di contattare Google per verificare direttamente con loro il motivo di queste segnalazioni.
Le consigliamo comunque di effettuare una scansione del Suo sistema e dei file del sito dopo averli scaricati in locale. Successivamente, potrĂ procedere alla ripubblicazione e a completare la procedura indicata da Google alla pagina http://www.google.com/support/webmasters/bin/answer.py?answer=45432#3
Grazie e buona giornata.
Alessandra Franconi
Support Team
<del>-</del>——————
Register.it SpA
Translation of the Register Response:
We confirm that our servers are totally safe and there are no server-side redirect. We confirm also that he had received other reports of this kind, even for sites not hosted on our servers. So we are trying to contact Google to check directly with them the reason for these reports.
The still recommend running a scan of your system and your site’s files after downloading them locally. Thereafter, may proceed to republish and complete the steps from Google to page http://www.google.com/support/webmasters/bin/answer.py?answer=45432 # 3
Same mail from register.
@Redleg.
Thanks for your reply.
My .htaccess is ok, no suspicious code or other.
Date of modify is 08-25-2009, same date for most of the files (new site is up from this date).
In google wmt this morning (now seems ok) i see the malware details:
aurorasas .com/
www.aurorasas .com/
Checked yesterday many times and today with rexswain.com tools and nothing special, no redirect or other special.
I think our ISP have some problem…….
Same problem with google for many user with this in google details.
“This site was hosted on 1 network(s) including AS12363 (DADA)”
Today everything seems back to normal…
The Italian provider DADA has probably been hacked 2 days ago (as it had a down of around 10 minutes) and the support staff kept telling people that the provider was totally OK and that the culprit were the PCs of the owner of the websites have been infected… funny that the support staff dind’t even tell people to verify their DBs…
Now, I wonder if DADA/Register.it will ever tell us what really happened and if they really solved their vulnerabilities…
Shouldn’t they be legally liable for telling a lie to us and not helping us to solve a situation that they were responsible and that caused us loosing tens of thousands of visitors?
Anyway my suggestions is: DO NOT USE DADA or REGISTER.IT hosting till they explain us what happened and what they have done to solve the problem!!
This is not the first time that we open a ticket for technical problems (random 500 errors when sending email thru PHP mail()) and that they keep repeating that everything is OK. After I prepared a simple php script that demonstrate the problem, everything magically started working again, without any admittance by Register.
And this isn’t a problem of Register itself, but many other italian provider do this sort of things.
And this is why I am asking customer to migrate to us/de/uk hosting providers by months (ex: slicehost/linode vps have great customer support, every ticket I opened get closed in 10 minutes 365/365).