|
For those in the know who might have some ideas since I have seen this shit on at least a half dozen sites that are all running diff configs and scripts, here is the coding that seems to get attached to parts of the page..
Quote:
|
Quote:
he said his page was getting hacked he didnt fucking say there is a virus on his page that will spread to other users that visit his page :disgust |
The script kiddies creating this shit should be hunted down and killed.
|
Quote:
|
Quote:
|
these virus things scare me.... :(
|
Quote:
|
this has happened to a couple customers of ours.
the first issue was that the customer had WordPress installed and was using some 3rd party template or counter which was inserting a javascript trojan downloader in to the page on the fly. once the customer removed the template/counter, the issue went away. the second issue was permissions. the customer had some script running with a file owned by apache.apache and 777. once we changed the permissions the javascript trojan went away, and the iframe insertion to uniqcontent went away as well. contact me if you have any other questions. |
Quote:
|
Quote:
from what you pasted above for the code, it definitely sounds like wrong permissions on some of your files. for wordpress i believe it should be: Folders => 755 Files => 644 |
get a decent host, if everything is tight on the server, your sites shouldn't get owned even with security bugs in any scripts you may use....
|
bump for this
|
Quote:
It doesn't really matter if that file is 777 (some scripts really need that) most php writes that are not run through cgi. The problem is with the script that allows an attacker to execute/upload on your server. |
try what we called antivirus
|
Quote:
|
Wow, that's nasty.
I cant believe webair wasent more helpfull. |
I'm having the same problem and have contacted Webair about it twice now. they are 'looking' into it.
|
Where is webair in this thread to try and help out their customer? They seem to manage to make it to every thread that is looking for hosting but not this one? :helpme
|
Quote:
|
keep us posted...
|
Not much you can do about it, looks like the virtual hosting box is compromised and this is likely happening to everyones pages on the box.
It probably searches for any web content and adds that into every file. :/ |
I have the same problem with my sites on webair, trojan javascript at the top of the page just pops out of nowhere...
WEBAIR SOLVE. |
oh, this is a virtual server.
That explains it. |
Quote:
Thank You. |
Ask your hosting.
|
did u get it fixed?
|
Quote:
|
redo your complete server setup (including OS install) and the problems will go away.
|
anyone on webair knows more about it?
i found some of my domains hosted on webair hacked too (only root index.php files although)...not sure if its coming from my computer or it was some hack of webair accounts. |
I started a new thread.
|
Whenever a server has been compromised, it is best to start from scratch. Reinstall the OS, reupload everything, import dbs.
The attacker might have left stuff on there that you didn't catch. That's why, in most cases, it happens over and over again. So my advice is that you format your server, start from scratch and search the web for security information of every single script or software that you plan to put on there. |
this shit sucks... I working on the wordpress chmod now! Also installing the latest version.
|
Quote:
|
RobV what is the status on your situation?
|
buuuuump just got hit AGAIN today
|
Quote:
And oddly enough this only hit 1 blog I had on the server, everything else was untouched. |
Quote:
|
trojan alert!!!!!!
|
Quote:
|
| All times are GMT -7. The time now is 10:32 AM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc