Welcome to WebmasterWorld Guest from 18.205.176.85

Forum Moderators: open

Phishing pages are being created on my sites

     
7:28 am on Oct 8, 2019 (gmt 0)

New User

joined:Oct 8, 2019
posts:4
votes: 0


I got an email from google that phishing pages are found on my websites. I didn't create those. I found and removed those and contacted my host that is bluehost but they are not helpful atall. The pages are created after a little time in the directories again. Even if i delete. Will changing directory permissions help? What should I do?
1:03 pm on Oct 8, 2019 (gmt 0)

Administrator from US 

WebmasterWorld Administrator not2easy is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 27, 2006
posts:4569
votes: 367


Hello thehermitgirl and Welcome to WebmasterWorld [webmasterworld.com]

When you are finding pages on your site that you did not create, that indicates that your site has been compromised either by external hacking or by use of a vulnerable plugin, add-on or widget that you have installed. Google offers a full set of how to detect, find, repair and prevent malware attacks. Controlling directories using permissions may be one part of the process. Visit the Google support center for hacked sites [support.google.com] where they have resources to help you find the source of your problem, how to fix it and how to get your site re-instated after it has been fixed.

You don't mention whether your site is based on static html pages or on a CMS like WordPress. Because WP is a popular platform for new webmasters it is also a popular target for hackers seeking vulnerable sites to exploit. IF your site uses WP you should check every plugin that you use because the plugins are often the point of entry for attacks. This is one reason that many hosts are reluctant to help other than referring you to the Google support pages. Fixing it doesn't mean it won't be back, you need to use the tools that are offered in the support center to get your site cleaned up.

3:24 pm on Oct 8, 2019 (gmt 0)

New User

joined:Oct 8, 2019
posts:4
votes: 0


Thank you so much for such a detailed reply and a helpful link. The malware was in static html sites which is weirder.
3:42 pm on Oct 8, 2019 (gmt 0)

New User

joined:Oct 8, 2019
posts:4
votes: 0


If I change all the folders permissions to 555 will it prevent phishing sites from posting new pages?
4:04 pm on Oct 8, 2019 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Aug 30, 2019
posts: 158
votes: 34


Hello-

If I change all the folders permissions to 555 will it prevent phishing sites from posting new pages?

It depends how hackers are succeeding to modify / inject code into your site.
4:31 pm on Oct 8, 2019 (gmt 0)

New User

5+ Year Member

joined:June 30, 2011
posts:23
votes: 2


Do a total review of your entire site. The first thing hackers often do when they gain access to your system is to unlock alternative entries to grant them access even after you fix the original security loophole.
5:20 pm on Oct 8, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:10609
votes: 1128


First thing, change all your passwords! Make sure they are very secure passwords.

Make sure no user accounts exist that you did not authorize.

Hopefully you have a backup of the site before all this started. If so, delete the current site's contents and reinstall from the backup.

Harden all entry points, secure against uploading, etc.
6:37 pm on Oct 8, 2019 (gmt 0)

Administrator from US 

WebmasterWorld Administrator not2easy is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 27, 2006
posts:4569
votes: 367


At the Malware support link above it has much more information as well as tools to help you find and close any vulnerable structure. Since you will need to submit your fix validation so that Google will approve the repairs it seems best to use their resources to help you find and repair whatever issues they are finding there.
2:44 am on Oct 9, 2019 (gmt 0)

New User

joined:Oct 8, 2019
posts:4
votes: 0


Thank you everyone especially not2easy.
4:07 am on Oct 9, 2019 (gmt 0)

New User

joined:Oct 8, 2019
posts:4
votes: 0


@tangor+ Thank you so much. :)