1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

guys 6 of my websites got hacked

Discussion in 'Black Hat SEO' started by BlackShadow117, Jul 25, 2017.

  1. BlackShadow117

    BlackShadow117 Registered Member

    Joined:
    Jan 10, 2013
    Messages:
    77
    Likes Received:
    19
    Gender:
    Male
    Location:
    BHW
    6 Of my blog sites got hacked image attached
    all where on the same go daddy shared hosting
    and all where word press sites which got hacked
    actually was hosting total 11 websites all 6 word press sites got hacked, and other 5 websites and application in asp.net and java are working fine


    anyone heard of that hackers?? and any help would be appreciated

    thank you guys
     

    Attached Files:

  2. HostStage

    HostStage Jr. VIP Jr. VIP

    Joined:
    May 20, 2010
    Messages:
    1,872
    Likes Received:
    1,768
    Occupation:
    BHW - CEO of Webhosting Company
    Location:
    BWH from France
    Home Page:
    Actually, if you hosted all your domains as add-on domain in shared web hosting and if one your Wordpress website with insecure permission and / or with a backdoor plugin, or outdated WP version; all your websites are at risk if hosted on the same cPanel account.

    This is why, we pull out some multi site ready shared hosting with different cPanel accounts to protect users from such issue. I expect it to be a standard sooner or later.

    There are some hacks which can impact a whole server, but I doubt a company such as Godaddy would fall into those massive security holes.

    You can request to Godaddy to restore a backup for you assuming they do have some. If they do and you don't have a backup, you would need to take a backup every now and then. It is a few minutes process that you can set on a weekly basis and you'll thank those extra minutes in such situation.

    To protect your wordpress websites, you would need to follow quite a few rudimentary steps and one of the biggest is avoid NULLED plugins / theme at all cost. After all , purchasing these are a one time fee guaranteeing you will not have backdoors implemented to it.

    You can also install Wordfence which is a nice security plugin blocking quite a lot of threats.
     
    • Thanks Thanks x 5
  3. BlackShadow117

    BlackShadow117 Registered Member

    Joined:
    Jan 10, 2013
    Messages:
    77
    Likes Received:
    19
    Gender:
    Male
    Location:
    BHW


    Actually My databases are fine they deleted the entire files in each site directory and no not all domains where add on domains
    2 main Domain hacked
    4 Add Domain Hacked and [and main domain of this is not hacked coz it was running on asp.net ]

    just a confusion how did they get to my ad-don domain which i have not shared ,the 2 main domain had enf promotion ads all so i get it but those addon dmain i was using for test and build purpose hw did they even find coz my addon dmain where build.xxx.com or wp1.xxx.com
     
  4. Defeatenonce

    Defeatenonce Junior Member

    Joined:
    Mar 27, 2017
    Messages:
    184
    Likes Received:
    59
    Gender:
    Male
    did you by any chance use nulled or unpurchased plugins?
     
    • Thanks Thanks x 1
  5. jb2302

    jb2302 Regular Member

    Joined:
    Jun 23, 2015
    Messages:
    366
    Likes Received:
    43
    in shared hosting - company put a lot of hosting account in one set - other may be yours or someone else-
    so if any of the website that is on your shared hosting server ( doesnt matter if it not yours ) got hacked hacked - they can get access to all files in the server
    or can do some change on the server depend on the exploit they are using . which affects all website on tour shared hosting
     
    • Thanks Thanks x 1
  6. Defeatenonce

    Defeatenonce Junior Member

    Joined:
    Mar 27, 2017
    Messages:
    184
    Likes Received:
    59
    Gender:
    Male
    Its pretty much your hosts fault and you should ask for monies.
     
    • Thanks Thanks x 1
  7. BlackShadow117

    BlackShadow117 Registered Member

    Joined:
    Jan 10, 2013
    Messages:
    77
    Likes Received:
    19
    Gender:
    Male
    Location:
    BHW
    Can someone translate me coz i dont even get what language it is
     

    Attached Files:

  8. Postercamp

    Postercamp Junior Member

    Joined:
    Mar 21, 2017
    Messages:
    143
    Likes Received:
    38
    Gender:
    Male
    Its Uzbek's
     

    Attached Files:

    • Thanks Thanks x 1
  9. dogilim

    dogilim Regular Member

    Joined:
    May 16, 2016
    Messages:
    216
    Likes Received:
    20
    Its turkish.
     
    • Thanks Thanks x 1
  10. BlackShadow117

    BlackShadow117 Registered Member

    Joined:
    Jan 10, 2013
    Messages:
    77
    Likes Received:
    19
    Gender:
    Male
    Location:
    BHW
    they are like its not there responsibility it seems was there reply

    Guys i dont mindwhich language but does anyone knows exactly what it means
     
  11. Defeatenonce

    Defeatenonce Junior Member

    Joined:
    Mar 27, 2017
    Messages:
    184
    Likes Received:
    59
    Gender:
    Male
    Why do you wanna know what it means? its not gonna change anything.
     
    • Thanks Thanks x 1
  12. BlackShadow117

    BlackShadow117 Registered Member

    Joined:
    Jan 10, 2013
    Messages:
    77
    Likes Received:
    19
    Gender:
    Male
    Location:
    BHW
    lol true but just a curiosity
     
  13. dogilim

    dogilim Regular Member

    Joined:
    May 16, 2016
    Messages:
    216
    Likes Received:
    20
    I know turkish but cant really translate it, he basically doing show of strength
     
    • Thanks Thanks x 1
  14. BlackShadow117

    BlackShadow117 Registered Member

    Joined:
    Jan 10, 2013
    Messages:
    77
    Likes Received:
    19
    Gender:
    Male
    Location:
    BHW
    oh thanks man
     
  15. Teotech

    Teotech Jr. VIP Jr. VIP

    Joined:
    Dec 8, 2012
    Messages:
    669
    Likes Received:
    122
    Gender:
    Male
    Occupation:
    SMTP Provider
    Location:
    BHW
    Prefer a web hosting company using cloudlinux rather than any other distro.

    As said above it is mostly your hosting provide fault rather than yours. I would leave asap for another host

    Regards
    Teo
     
    • Thanks Thanks x 1
  16. virtualpurity

    virtualpurity Jr. VIP Jr. VIP

    Joined:
    Nov 12, 2012
    Messages:
    764
    Likes Received:
    442
    Occupation:
    SEO, Hosting
    Location:
    /root
    Home Page:
    That doesnt have to be true. Hosting companies can not keep track what every users do with their webspace.

    If a user is using cracked wordpress themes or plugins or outdated software which in most cases are the root of the hacks than its not the hosting company fault.

    Yes cloudlinux is good since it isolates every user in a virtual environment and adds more security on the overall server, but does not mean that it is a solution to prevent hacks like these from happening, since its up to the user to use and secure their own webspace, hosting companies can only do so much.

    OP its not only you, since the new exploits leaked some time ago a lot of WP sites got compromised this way. This is all done automatically by scanners and tools and it targets only vulnerable Wordpress sites, other platforms does not seem to get compromised like the asp.net sites in your case.

    To prevent this to happen in future i would recommend you to update your WP sites to the latest versions, remove any nulled plugins/cracked themes and change your account passwords.
     
    • Thanks Thanks x 1
  17. BlackShadow117

    BlackShadow117 Registered Member

    Joined:
    Jan 10, 2013
    Messages:
    77
    Likes Received:
    19
    Gender:
    Male
    Location:
    BHW
    I have decide to move either way it lags a lot this adds up the reason too
    i cant go for linux i have .Net sites hosted
     
  18. virtualpurity

    virtualpurity Jr. VIP Jr. VIP

    Joined:
    Nov 12, 2012
    Messages:
    764
    Likes Received:
    442
    Occupation:
    SEO, Hosting
    Location:
    /root
    Home Page:
    He meant a hosting company that is using cloudlinux with Cpanel.
     
    • Thanks Thanks x 1
  19. BlackShadow117

    BlackShadow117 Registered Member

    Joined:
    Jan 10, 2013
    Messages:
    77
    Likes Received:
    19
    Gender:
    Male
    Location:
    BHW

    Yes but is there like cloud linux alternative to host .Net sites or cpanel tht supports asp.net sites ??
    yes i noe it was something with wp
    i started to work on those a months back only more on those sites but np can remake it as i have db with me actually they never hacked my db they just got in some how to WP directories deleted all the files and when i contacted hosting they r like it happens they hacked via index file was the reason and they did not breach there security it was my fault or other sites on shared servers fault and i d k whether its thr fault or not but its gone and they could not even give me logs coz they said coz its shared hosting they don't track it seems and recommended to go with VPS
     
    Last edited: Jul 25, 2017
  20. virtualpurity

    virtualpurity Jr. VIP Jr. VIP

    Joined:
    Nov 12, 2012
    Messages:
    764
    Likes Received:
    442
    Occupation:
    SEO, Hosting
    Location:
    /root
    Home Page:

    Basically Cpanel already provides a limited support for hosting asp.net scripts with a third party component but i dont know if it will work with your sites as well and you will also need to ask your host if they have it enabled on the webserver.

    And like i said these hacks are automated by exploiting holes in outdated Wordpress versions or nulled plugins or scripts.

    You can easily check if the whole server is compromised and if its the hosting company fault by running a check on what other websites are hosted on your shared IP and see if those are hacked as well. Than you will have proof that your hosting is to blame and you can ask for a refund.

    If other hosted websites are not hacked on your shared IP than the problem is on your side and like i said before mostly because of vulnerable scripts or outdated sotware.
     
    • Thanks Thanks x 1