Problem with Website hacker

Forum Moderators: phranque

Message Too Old, No Replies

Problem with Website hacker

stop hackers

rockerbroker

6:08 pm on Apr 10, 2007 (gmt 0)

Hi
Im new to this forum but have problem.
It all started when i noticed from my search results that google put a mesage on saying "this website is not safe" People who searched for my site could not enter it via the natural google listings.

I followed the links to badware and looked at my site to see what the problem was. I then found some code i didnt add which without pasting it here was an iframe script pointing to a website called agressor. I deleted this piece of code but every so oftern it suddenly appears. My domain hosting is through lycos and they have been no help at all but i need some recommendations on how to protect my site.

Luckily by completing the badware review form the message in google went after a few days but then im worried it will return if i dont get this sorted.

Can anyone help?

Cheers

thecoalman

6:19 pm on Apr 10, 2007 (gmt 0)

More details... Is this paid hosting. Are running php or other server side scripting? Do you have a guestbook or anything else that the user can input information?

rockerbroker

6:25 pm on Apr 10, 2007 (gmt 0)

No i dont run php but i do have enquiry forms that people complete. It is a real estate website - all in html - no database driven pages such as php or asp - a static site

rockerbroker

6:26 pm on Apr 10, 2007 (gmt 0)

Yes it is paid hosting

thecoalman

8:52 am on Apr 11, 2007 (gmt 0)

I'm no expert but AFAIK a HTML file can't be altered by itself. Sites that get hacked are hacked through exploits in server side scripts like a forum that execute. I'm assuming your inquiry form is processed server side? That's the first place I would look. I'd also suggest changing all your login passwords for anything you have on the site.

SteveWh

10:38 am on Apr 11, 2007 (gmt 0)

every so oftern it suddenly appears

Your site has been hacked. The hackers can get back in anytime they want. Deleting the code from your page is useless unless you also take the other important measures to restore you site's security. Here are two threads about post-hack steps to take. There are probably many others in this forum.

[webmasterworld.com...]
[webmasterworld.com...]

qmaster

6:27 pm on Apr 12, 2007 (gmt 0)

Can you see additional js or other scripts when you look to the file manager thing that the hosting company provides? Maybe google detect cross-site scripting. I'd also bring it up to my hosting company maybe they have something to say do about it...