Hacked website sorted..........
Hacked website sorted..........
Just want to say a big thank you to Caroig, for letting me know my website had been hacked
But a really big thank you to John [Windy] for sorting it for me!!
[and wasting a Sunday Morning ].....
Thanks John youre a star
and another thanks to E Richard who offered his help as well.
Youre all great:) and what LMHat is all about
Thanks Muchly
But a really big thank you to John [Windy] for sorting it for me!!
[and wasting a Sunday Morning ].....
Thanks John youre a star
and another thanks to E Richard who offered his help as well.
Youre all great:) and what LMHat is all about
Thanks Muchly
-
- Posts: 744
- Joined: Thu Oct 07, 2010 7:03 pm
- Location: North Idaho, USA
- Contact:
So sorry that happened! so nice that the forum members here are so helpful, great place!
How did you know your website had been hacked? not sure that I'd have a clue...
Wendy
How did you know your website had been hacked? not sure that I'd have a clue...
Wendy
New Vacation Rental called DayStar Lodge! (Sold Narrows Cottage now have a rental management company called A-List Rental Management)
-
- Posts: 744
- Joined: Thu Oct 07, 2010 7:03 pm
- Location: North Idaho, USA
- Contact:
The hackers has managed to get access to the htm files and had edited one of them.
Surprisingly they had only added some links to Viagra adverts as black hat SEO (the links were not visible to site visitors but were to serach bots so it took someone passing by with Mcaffee AV to get a warning and let BS know. )
My web hosts insist it is not a security vulnerability on my VPS but must have been caused by a brute force password crack. Anyway - all passwords now changed and all files (hopefullY) now back to normal.
The b*****ds (or some of their friends) also managed to change a .htaccess file a few weeks back with similar effects on another site I manage.
These sorts of attacks do seem to be getting more common. I just thank my lucky stars it wasn't one of the Wordpress sites I host as that would have been a ***** nightmare to sort out!
Amusingly the charming chap from Bangalore I was dealing with at my web host - Keanu I think he said his name was - wanted to remove all FTP access on my reseller account until I pointed out that people buying webhosting from me tend to expect to be able to put files on their own web sites
Surprisingly they had only added some links to Viagra adverts as black hat SEO (the links were not visible to site visitors but were to serach bots so it took someone passing by with Mcaffee AV to get a warning and let BS know. )
My web hosts insist it is not a security vulnerability on my VPS but must have been caused by a brute force password crack. Anyway - all passwords now changed and all files (hopefullY) now back to normal.
The b*****ds (or some of their friends) also managed to change a .htaccess file a few weeks back with similar effects on another site I manage.
These sorts of attacks do seem to be getting more common. I just thank my lucky stars it wasn't one of the Wordpress sites I host as that would have been a ***** nightmare to sort out!
Amusingly the charming chap from Bangalore I was dealing with at my web host - Keanu I think he said his name was - wanted to remove all FTP access on my reseller account until I pointed out that people buying webhosting from me tend to expect to be able to put files on their own web sites
-
- Posts: 744
- Joined: Thu Oct 07, 2010 7:03 pm
- Location: North Idaho, USA
- Contact:
Wow, that is all "greek" to me! I just hope no one does that to my site since I won't have a clue anything is even wrong no doubt. Good job with getting all that sorted out! Big Sis is lucky to have you both around.
Wendy
Wendy
New Vacation Rental called DayStar Lodge! (Sold Narrows Cottage now have a rental management company called A-List Rental Management)
And a cautionary PS ....
Whilst I thought I had checked everything I managed to overlook a file in my root directory which is where my company website lives.
My company website was the first ever web site in the world to have specialiesed information on my area of expertise and I have had the Google #1 spot for a simple search on the term concerned since 1995!
Because some scrote had hacked my site and added links to viagr@ sites I got a warning from google yesterday that my site is scheduled do be sandboxed for 30 days. I made the required changes and resubmitted immediately, and my site is still in the top spot today, but you can probably imagine the panic. This isn't just vanity - I am currently working on a project that only came my way because the CEO found my web sites and called me. The potential financial impact is enormous, and it would be the same for any of your property web sites if it happened to you.
Make sure your passwords are suitably strong (I'm not sure they can ever be totally secure) and make sure things like WordPress installs are up to date (although there is always a fine line between up to date and bleeding edge here).
Any other suggestions as to how to secure this stuff without locking it down to an unuseable level welcome!
Whilst I thought I had checked everything I managed to overlook a file in my root directory which is where my company website lives.
My company website was the first ever web site in the world to have specialiesed information on my area of expertise and I have had the Google #1 spot for a simple search on the term concerned since 1995!
Because some scrote had hacked my site and added links to viagr@ sites I got a warning from google yesterday that my site is scheduled do be sandboxed for 30 days. I made the required changes and resubmitted immediately, and my site is still in the top spot today, but you can probably imagine the panic. This isn't just vanity - I am currently working on a project that only came my way because the CEO found my web sites and called me. The potential financial impact is enormous, and it would be the same for any of your property web sites if it happened to you.
Make sure your passwords are suitably strong (I'm not sure they can ever be totally secure) and make sure things like WordPress installs are up to date (although there is always a fine line between up to date and bleeding edge here).
Any other suggestions as to how to secure this stuff without locking it down to an unuseable level welcome!
Did they insert the links into all files or just the index.xxx file ?
Either way, assuming your critical website does not change very frequently, here is a simple hack (in addition to those you have already suggested):
Create a snapshot copy of your root directory in a subdirectory with a silly name (and possibly also passworded sub directory).
Then run a script(*) in the early hours of the morning that simply copies the files from the subdirectory over the files in your root directory. This will simply refresh the website back to its previous state if the spammers have added anything.
(*) If you have a Unix host, the script is a very simple shell script, and you'd run it each night as a cron job. My very helpful webhost support guys did all this for me, but for a different reason. In my case, I'm copying sql databases, but the principle is the same.
Either way, assuming your critical website does not change very frequently, here is a simple hack (in addition to those you have already suggested):
Create a snapshot copy of your root directory in a subdirectory with a silly name (and possibly also passworded sub directory).
Then run a script(*) in the early hours of the morning that simply copies the files from the subdirectory over the files in your root directory. This will simply refresh the website back to its previous state if the spammers have added anything.
(*) If you have a Unix host, the script is a very simple shell script, and you'd run it each night as a cron job. My very helpful webhost support guys did all this for me, but for a different reason. In my case, I'm copying sql databases, but the principle is the same.
** Richard
PIMS: Holiday Rental Management system
They say we learn from our mistakes. That makes me a genius !
PIMS: Holiday Rental Management system
They say we learn from our mistakes. That makes me a genius !
-
- Posts: 166
- Joined: Thu Nov 25, 2010 10:44 pm
- Location: Yorkshire Dales
- Contact:
-
- Posts: 166
- Joined: Thu Nov 25, 2010 10:44 pm
- Location: Yorkshire Dales
- Contact: