1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Site got hacked. What to do?

Discussion in 'Black Hat SEO' started by ranjim, Apr 7, 2015.

  1. ranjim

    ranjim Regular Member

    Joined:
    Apr 5, 2012
    Messages:
    392
    Likes Received:
    46
    "Suspected hacking


    Google has detected that some of your pages may contain hidden text or cloaking, techniques that are outside our Webmaster Guidelines.


    Specifically, we detected that your site may have been modified by a third party. Typically, the offending party gains access to an insecure directory that has open permissions. Many times, they will upload files or modify existing ones, which then show up as spam in our index.


    Sample URLs: http://www.mydomain.com/page/2/?p=poker-tricks"

    Logged in and checked the page but somehow I could edit/delete it because it didn't show up. And the link only shows the "poker site" when viewing it through mobile. What should I do?
     
  2. tompots

    tompots Elite Member Premium Member

    Joined:
    Dec 11, 2011
    Messages:
    4,371
    Likes Received:
    3,964
    Gender:
    Male
    Occupation:
    Full Time Bot Developer
    Location:
    Automation Alternatives
    Home Page:
    Contact your hosting, they will remove the page for you. You will need to take a detiled look at you database also. When you get the problem fixed make sure to secure your site, or have a theird party secure it for you if you don't know what your doing. This link below will get you started down your long but worth it path.

    Code:
    https://www.google.com/search?q=how+to+secure+a+website+from+hackers
    
     
  3. Zwielicht

    Zwielicht Moderator Staff Member Moderator Jr. VIP

    Joined:
    Aug 31, 2013
    Messages:
    6,640
    Likes Received:
    11,776
    Gender:
    Male
    Occupation:
    Private Investigator
    Location:
    Riverside, California
    Home Page:
    I just dealt with this problem for one of my recent clients (the site was hacked because the old search engine optimiser/web developer neglected it). In my client's case, the hackers injected 80,000 URLs into her website that couldn't be easily removed without finding the code. Depending on how large the site is, it may just be easier to back up the pages, delete everything, and reinstall Wordpress (or whatever CMS you're using).

    Another option is to restore a previous backup of your files and database (you do have a backup, right?). If you don't have a backup, see if your web host has one.

    The more difficult alternative is to hunt down the codes and delete them, although this would also require you to make sure that they don't have any backdoor script hidden in your database.

    After you fix the issue, you're also going to want to find out how the hacker created or modified these files in the first place. They could have gained access numerous ways such as through brute-forcing or finding security flaws in outdated themes/plugins.

    Here are some resources that you may find useful:

     
    • Thanks Thanks x 1
    Last edited: Apr 7, 2015
  4. V

    V Elite Member

    Joined:
    May 18, 2012
    Messages:
    2,254
    Likes Received:
    2,579
    Occupation:
    Student
    Location:
    /tmp
    Ask your host to restore the site to an earlier date, they must have a backup of your site somewhere. Once that is done, update everything and delete useless plugins/themes. Install some security plugin like Wordfence on the site. Find out where the vulnerability was, because if you don't find out how your site got hacked, it will be hacked again.
     
  5. doctortroxy

    doctortroxy Newbie

    Joined:
    Apr 6, 2015
    Messages:
    17
    Likes Received:
    3
    Occupation:
    no job :)
    Location:
    new york
    hey,when you fix ypur site,check for vulnerabilities because hackers exploit this to hack your site,okay?
     
  6. ziplack

    ziplack Supreme Member

    Joined:
    Feb 18, 2010
    Messages:
    1,281
    Likes Received:
    647
    Location:
    BHW
    remove all
    reinstall
    dont use nulled plugins/themes
     
  7. ok888

    ok888 Elite Member

    Joined:
    Nov 23, 2010
    Messages:
    2,368
    Likes Received:
    654
    I suggest you have a,chat with your host immediately

    Most of the time they can remove it for you without losing any data
     
  8. Gavich

    Gavich Newbie

    Joined:
    Mar 5, 2015
    Messages:
    11
    Likes Received:
    2
    What CMS are you using?
    Check .httaccess file, there can be changes to show the "poker site" when viewing it through mobile.
    Search base64 function on *.php files, hackers always use this function to hide their code.
    Find and download "
    AI-Bolit — Free Server-Side Malware Scanner", install it on your website folder and scan for viruses.