AdSense on my site without my approval - Google AdSense - Display Ads forum at WebmasterWorld - WebmasterWorld

Forum Moderators: martinibuster

Message Too Old, No Replies

AdSense on my site without my approval

I want to contact Google to find out who did this

AWildman

9:01 pm on Oct 26, 2006 (gmt 0)

10+ Year Member

A coworker called and said that there was an error coming up on one of our sites. It is a message board. In I.E., there is a message "You are not authorized to view this page" in the middle of the page. The rest of the site works, but on the home page, this message appears. I checked the source and where that message appears is the script for adsense, at least I'm pretty sure it is anyhow.
google_ad_client =
google_ad_width =
google_ad_height =
google_ad_format =
google_ad_type =
google_color_border =
google_color_bg =
google_color_link =
google_color_url =
google_color_text =

I removed the values here, but there are values. While I'm working on trying to find this code and remove it, I also want to contact Google and ask them who the hades this account belongs to and go from there. Anyone have any contact info for AdSense?

I'm having trouble finding the code above on my server. I've done a Windows search and I've searched the code in Dreamweaver and I get nothing on a search for google. Any suggestions?

Jordo needs a drink

9:09 pm on Oct 26, 2006 (gmt 0)

10+ Year Member

This should help you... [google.com ]

AWildman

9:13 pm on Oct 26, 2006 (gmt 0)

10+ Year Member

Thanks much! I will try it out and see what happens. Still no luck finding the ding-darned code though. :(

rbacal

9:23 pm on Oct 26, 2006 (gmt 0)

Thanks much! I will try it out and see what happens. Still no luck finding the ding-darned code though

If your site/host has been hacked, it's possible someone actually hacked into your mysql database and that's where you might want to look for the code. Even if it's not a hack per se, and your board uses mysql or equiavalent, that would be where to look.

AWildman

9:29 pm on Oct 26, 2006 (gmt 0)

10+ Year Member

I just did find the code in the mysql database! GRR! How do I prevent this from happening again?

[edited by: AWildman at 9:31 pm (utc) on Oct. 26, 2006]

rbacal

10:09 pm on Oct 26, 2006 (gmt 0)

I just did find the code in the mysql database! GRR! How do I prevent this from happening again?

Depends. Do you know if it was part of a message stored in the dbase?

And, the obvious thing is to ensure you keep up with all security patches for the particular program.

And, even then, generally much higher security risks exist for mysql/php stuff, and open source.

jatar_k

10:31 pm on Oct 26, 2006 (gmt 0)

WebmasterWorld Administrator

10+ Year Member

what forum software is it? smells like a phpbb hack I've seen.

AWildman

11:59 am on Oct 27, 2006 (gmt 0)

10+ Year Member

The message was in the database. I'm going to do a search of the software to see where that table is used.

It is Invision Power Board. I can tell I'm going to have a fun day today.

[edited by: AWildman at 12:00 pm (utc) on Oct. 27, 2006]

jatar_k

4:57 pm on Oct 27, 2006 (gmt 0)

WebmasterWorld Administrator

10+ Year Member

what column in which table?

the thing I have seen with phpbb is they can get access to the admin panel and change the values in the config table, which effectively hijacks all sorts of things

AWildman

5:21 pm on Oct 27, 2006 (gmt 0)

10+ Year Member

It was the main_templates table. I removed the text and found some articles telling how to sanitize some variables that were not being sanitized before use.

Thanks for everyone's help. We have such an old version of the program and I don't have the manpower to update it since it likely involves an update to php and mysql as well. I'll just have to play whack-a-mole with breaches, which I hate, but can't do much about at this point.

Thanks again!