Problem with Malware

June 5, 2014 2.7k views
Hello guys, recently i just created a machine pre installed with Ghost, and there are some guys when they enter in my blog that their anti-virus is accusing the site as harmfull... also i found this website which is saying the same: The only thing i did was in the nginx config to point the "blog" subdomain to the Ghost blog, and the main domain to is pointing to a index.html file which redirects to Can somebody help me with that? Thanks
8 Answers

I ran your site through a few other malware detectors, and it's not showing positive. It's possible that bitdefender uses a list of IPs that previously had malware instead of actively scanning when you enter the sites domain. You could try taking a snapshot and spinning up a new instance of your site on a different IP address. Or you might want to contact bitdefender directly and ask them to rescan the site.

Let us know how it goes!
Yeah, i think you might be right... i just checked this url:

And it says that only bitdefender accuses it as a malware...

Could you give some detailed explanations (or maybe a url of digital ocean's tutorial) of how can i do this snapshop and then run a new machine and recover everything i did?

Thanks Andrew for your help!
Take a look at Make sure you create the new droplet before destroying the old one so you get a new IP address.
by Zach Bouzan-Kaloustian
This tutorial covers how to manually migrate droplets between hypervisors by taking a snapshot of the droplet and then spinning it up in a different region.
That`s great!

Just one last question, if I create a new Droplet to use the snapshot, will I pay the monthly cost for the 2 droplets? the one I just created, and the one i deleted?
You would pay the same amount you would pay if you kept the existing droplet running for the rest of the month. Since you're billed hourly, replacing a droplet with one of the same size shouldn't affect your bill.
Ahhhh cool, i thought it was monthly, not hourly.

Thanks Kamal!
I'd like to make another question about this malware problem...

I Just updated my ngnix version to 1.6.0, and when i run my IP in this malware checker, its says that everything is ok

But when I run my domain "which is configured to point to this ip", it says that it has some problems, also with the nginx version

How is that possible if this domain is pointing to this server?

Thanks Guys for all this help.
Sorry but i think i just got the answer...

When I ran my domain on this website, it had the old version of NGINX, and it may have cached this status...

now that i updated, i tried running another subdomain and it's ok

Thx anyway :)
Have another answer? Share your knowledge.