1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Hmmmmm hacked

Discussion in 'Cloaking and Content Generators' started by thedarkest12, Apr 3, 2012.

  1. thedarkest12

    thedarkest12 Regular Member

    Joined:
    Nov 23, 2009
    Messages:
    475
    Likes Received:
    127
    Occupation:
    Digital Marketing
    Location:
    Manchester, UK
    Home Page:
    OK, so I may have a background in SEO, but hacking is not my bag...

    One of my sites, when you follow a link from Google Organic Search is redirecting to some spammy s**t website.

    Don't know who the wise guy is but the .htaccess file looks intact. How else do these guys get in and what file should I be looking at fixing please?
     
  2. Razvan

    Razvan Power Member

    Joined:
    Jun 1, 2009
    Messages:
    516
    Likes Received:
    289
    see which file on your site is the latest modified , and see if you can find something strange on code , like iframes and such stuff

    also talk to your host to do a scan , they often helped me with such issues
     
    • Thanks Thanks x 3
  3. thedarkest12

    thedarkest12 Regular Member

    Joined:
    Nov 23, 2009
    Messages:
    475
    Likes Received:
    127
    Occupation:
    Digital Marketing
    Location:
    Manchester, UK
    Home Page:
    Thanks, looks like a base64_decode hack to all the php files...
     
  4. Tony Barns

    Tony Barns Regular Member

    Joined:
    Oct 6, 2009
    Messages:
    226
    Likes Received:
    159
    Who is your hosting provider? They might be able to remove that code for free because it will be spread out in all or most your php files. If it's a wordpress blog just re-upload the files.

    Also remove and check anything you uploaded to the server recently, as they might have the back door in them.
     
  5. necro

    necro Regular Member

    Joined:
    Dec 23, 2010
    Messages:
    292
    Likes Received:
    189
    Pm me if you still need help
     
  6. pYraTe

    pYraTe Junior Member

    Joined:
    Jun 10, 2011
    Messages:
    111
    Likes Received:
    49
    • Thanks Thanks x 5
  7. max1234567

    max1234567 Newbie

    Joined:
    Oct 26, 2011
    Messages:
    14
    Likes Received:
    0
    thanks for these links pyrate, really useful
     
  8. Zarion

    Zarion Registered Member

    Joined:
    Jan 20, 2012
    Messages:
    59
    Likes Received:
    10
    just got hacked too -.-
     
  9. meatro

    meatro BANNED BANNED

    Joined:
    Nov 21, 2009
    Messages:
    568
    Likes Received:
    997
    Weird... All my Joomla sites are just fine. ;)

    But yeah, this shit happens to WP all the time. Don't use it for anything important because if you are, then it's not as simple as you might believe it is.
     
  10. blackfrank

    blackfrank Newbie

    Joined:
    Aug 8, 2010
    Messages:
    14
    Likes Received:
    0
    The last time I got hacked was because my client set a real stupid username/password for FTP. I don't know if this is your case, though.
     
  11. dreess2012

    dreess2012 Newbie

    Joined:
    Apr 9, 2012
    Messages:
    1
    Likes Received:
    0
    Really good, I also learned the next, I recently learned, thank you for sharing!
     
  12. paulcarter97

    paulcarter97 Regular Member

    Joined:
    Nov 27, 2011
    Messages:
    392
    Likes Received:
    37
    Take help from your hosting. They will scan and tell you if there is any parasite, backdoor, malacious software ar any modified file that made the link redirect to that nonsence website. Or use checking software to scan files of your website. :)
     
  13. deekay619

    deekay619 Newbie

    Joined:
    Aug 6, 2011
    Messages:
    20
    Likes Received:
    12
    Occupation:
    Ethical hacking
    Location:
    Europe
    You guys never take your site's security seriously. A site is like a store, it brings food to the table. Leaving it unprotected is like having a physical store without a lock. Really now, how many of you perform routine security checks? I know that you're not security experts, but you can probably find a cheap security service on fiverr or something like that. You only wait until it's too late. By then your site is down, you're losing money and you're probably gonna end up paying someone to fix it. In the end it's gonna cost you a lot more than actually preventing these intrusions. Nowadays most sites are hacked by 13-year-olds with simple hacking programs, and for no apparent reason - just for the heck of it. Just take Havij for example. A brat can lay waste on hundreds of sites in a few hours with just that simple program.
     
    • Thanks Thanks x 1
  14. supermanden

    supermanden BANNED BANNED

    Joined:
    Jan 12, 2012
    Messages:
    537
    Likes Received:
    140
    Is it possible to secure your blogspot website somehow?
     
  15. win292

    win292 Junior Member

    Joined:
    Feb 21, 2009
    Messages:
    108
    Likes Received:
    9
    some of my sites got hacked too. Then which is the better way to protect your site??
     
  16. sureyea

    sureyea Newbie

    Joined:
    May 4, 2011
    Messages:
    17
    Likes Received:
    0
    better consult your hosting service
     
  17. derfall

    derfall Registered Member

    Joined:
    Dec 27, 2009
    Messages:
    61
    Likes Received:
    81
    I have fairly good instructions on my website as to how to secure a WordPress site. secure-your-website dot com. The $17 plug-in does add
    another layer of security, but you'll do a good job of locking everything down if you scroll down to the link for "My Written Instructions" and
    follow those instructions.

    You only need enough skill to get into File Management in CPanel (I use Hostgator), and be able to find and activate plug-ins from Wordpress dot org. This is easy from within your WordPress site. It took me two weeks of studying two WSOs (Bulletproof and WP-Padlock), and some
    YouTube videos to write it. If you have comments or can suggest additions, I'd love to read them.
     
    • Thanks Thanks x 2
  18. roster67

    roster67 Registered Member

    Joined:
    Mar 27, 2012
    Messages:
    69
    Likes Received:
    10
    Change your account password. Upgrade to lastest version if you are using a CMS. Contact your hosting provider to clean all your hosted files.
     
  19. Sente

    Sente Junior Member

    Joined:
    Sep 21, 2009
    Messages:
    193
    Likes Received:
    19
    AWESOME instructions in your text file!!!

    On the sales page it says the plugin is only for NEW sites? Why and what do you mean by that?
     
  20. JanaSEO

    JanaSEO Junior Member Premium Member

    Joined:
    Dec 14, 2011
    Messages:
    101
    Likes Received:
    21
    Occupation:
    Search Engine Optimization
    Location:
    Search Engine Land
    Change your pass to your WP, FTP, Cpanel, Hosting, everything..

    Then look for the latest modified files and maybe even request your site to be reviewed from your hosting provider.