Results 1 to 8 of 8
  1. #1
    ABW Ambassador
    Join Date
    June 30th, 2007
    Location
    Syracuse, NY
    Posts
    677
    Facebook says a link goes to an attack page?
    Wasn't sure where to post this, but it is really confusing me.

    For this website -> Swamiken.org

    When it is posted on facebook, it goes to this -> pills.ind.in/in.cgi?4&parameter=0510

    Posted on another website, there were no problems. If I go to it via google, no problems either. I also had posted it on facebook a while back, and there were no problems. Although it seems facebook removed the link. I did just say to ignore the warning and it went to a porn page.. so really confused.

    Further information, I am using wordpress. And it has seemed like lately, the website is loading slower. The sidebar to be exact, but only on some of the website's page. No idea if that is related, I remember a couple of years ago that hackers could slip code in to wordpress websites? Been looking around and haven't seen any of that yet in my html.

    Anyone have any ideas?

  2. #2
    ABW Ambassador CathyM's Avatar
    Join Date
    May 30th, 2006
    Location
    Torrance, CA
    Posts
    893
    If you look at swamiken.org in google, the serp looks odd and I got a security warning from norton. It's probably been hacked.

  3. #3
    ABW Ambassador
    Join Date
    June 30th, 2007
    Location
    Syracuse, NY
    Posts
    677
    Quote Originally Posted by CathyM View Post
    If you look at swamiken.org in google, the serp looks odd and I got a security warning from norton. It's probably been hacked.
    Yeah, I changed the index page just to a welcome picture. So it does look funny in google. The rest of the pages are pages or posts, I link too. No idea if there is an easier way to do it, but it works for me, LOL.

    Looking at html for the index, I'm not seeing any extra code added. I also don't get any warnings.

    Is there a specific location I should look for hacked code?

  4. #4
    ABW Ambassador CathyM's Avatar
    Join Date
    May 30th, 2006
    Location
    Torrance, CA
    Posts
    893
    I can't get to the site and don't want to keep clicking on it in google. I had wordpress sites hacked in January and the bad code was in header.php. It was a vulnerability in the older version of wordpress. Besides hacking header.php, the hacker had set themselves up as an administrator and I found a script that gave them a back door to keep getting in. The script was hidden in blog/wp-content/uploads... Hostgator helped me find it.

  5. #5
    ABW Ambassador
    Join Date
    June 30th, 2007
    Location
    Syracuse, NY
    Posts
    677
    Oh good lord, the problem is a lot worse than I thought it was.

    I'm using 2.9.2 which is the latest I believe, and I've seen nothing in my code for this website, but... I checked another one of my websites (one that makes money.. or was lol) and it has the exact same problem.

    So gotta search everywhere I guess.

    Also seems a lot of people are getting hacked in wordpress 2.9.2 when I did a google search.

    Edit: All my websites are affected, so guess I'm gonna call my host cuz I have no idea where to look.

    Edit2: FIXED!!

    Called my host and problem is resolved. It was in the htaccess and index.php for each domain. No idea how it happened. Would it help to post the code for those curious?
    Last edited by Hardaka; May 28th, 2010 at 06:56 PM.

  6. #6
    http and a telephoto
    Join Date
    January 18th, 2005
    Location
    NYC
    Posts
    17,708
    Did your host help you fix the security hole that the hackers got in through??? If not, they will be back.
    Deborah Carney
    TeamLoxly.com BookGoodies.com ABCsPlus.com

  7. #7
    ABW Ambassador
    Join Date
    June 30th, 2007
    Location
    Syracuse, NY
    Posts
    677
    They were nice enough to send me an email about Code injection and Remote File Inclusion. Beyond that, nope. Looking those over, in the mean time I changed my password.

  8. #8
    ABW Ambassador cusimano's Avatar
    Join Date
    January 18th, 2005
    Location
    Toronto, Canada
    Posts
    1,369
    From what I have read elsewhere, it appears that the attack vector in WordPress 2.9.2 is currently unknown.

    You might want to install these plugins:

    WordPress File Monitor: Monitors your WordPress installation for added/deleted/changed files. When a change is detected an email alert can be sent to a specified address.

    Wordpress Firewall: Investigates web requests with simple WordPress-specific heuristics to identify and stop most obvious attacks.

    See also: Hardening WordPress

    Be sure to regularly backup your website files and also backup the database.

    Yours truly,
    Cusimano.Com Corporation
    per: David Cusimano
    Affiliate Tools: Datafeed Merge

  9. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Featured: Google+ Brand Page vs FaceBook Fan Page
    By Rock Howard in forum Search Engine Optimization
    Replies: 17
    Last Post: April 25th, 2012, 09:47 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •