Gizmos Freeware Reviews  

Go Back   Gizmo's Freeware Forum > Freeware Forum > Website Design, Support and Maintenance

Reply
 
Thread Tools Display Modes
Old 16. Aug 2011, 04:04 AM   #1 (permalink)
Senior Member
 
wdhpr's Avatar
 
Join Date: Sep 2008
Location: The north Coast
Posts: 1,513
Default My Website may have been hijacked

I just checked out my lowly website and I checked a link I have to Monster.com when I clicked on it it first went to Monster.com and then it then went to domains.googlesyndication[DOT][COM]
With a red wot rating. I keep a clean backup of all my website files so I used Fire FTP and over wrote all file and directories. I then rechecked my site and all is well again. My question Is how this may have happened and how can I prevent it from happening again.

I have my sight locked and just changed my password last year.

Thanks in advance
wdhpr is offline   Reply With Quote
Old 16. Aug 2011, 06:30 AM   #2 (permalink)
Senior Member
 
Ritho's Avatar
 
Join Date: Apr 2008
Location: Planet Earth
Posts: 1,379
Default

Is your site just simple html, or are you running a software platform like a blog, a cms, or something? In a shared server situation, much of the security is usually the responsibility of your webhost. But the locking down of permissions on file and folder access and upgrading any software is your responsibility. Disabling things like directory browsing, and customizing your .htaccess file for your particular situation are places to start.

It also does not hurt to scan you site for malware on a regular basis. Currently I have been using Qualy's free malware scanning service. I don't know if it will remain free after it leaves beta or not ,but I have been using it for over a year now. http://www.qualys.com/forms/trials/stopmalware/

They have another free service as well to scan the server your site runs on for vulnerbilities. If it has any you can alert your host to them. http://www.qualys.com/forms/trials/q...ard_free_scan/
__________________
The smallest good deed is better than the greatest intention.
Ritho is offline   Reply With Quote
Old 16. Aug 2011, 11:17 PM   #3 (permalink)
Senior Member
 
wdhpr's Avatar
 
Join Date: Sep 2008
Location: The north Coast
Posts: 1,513
Default

Thanks Ritho
My site is a simple html type. My domain server is through GoDaddy. I'll take you up on your suggestions and I will also check out your Qualy's malware scanner. I have also changed my password, thing is It surprised me someone would bother hijacking a website like mine. Go figure.
wdhpr is offline   Reply With Quote
Old 17. Aug 2011, 06:24 AM   #4 (permalink)
Senior Member
 
Ritho's Avatar
 
Join Date: Apr 2008
Location: Planet Earth
Posts: 1,379
Default

[QUOTE=wdhpr;58110 ... thing is It surprised me someone would bother hijacking a website like mine. Go figure. [/QUOTE]
Actually a person may have never even been involved. Infected servers may scan for other servers or websites that have certain vulnerabilities, and infect them automatically. Not really so different from how many infections may get on PCs.
__________________
The smallest good deed is better than the greatest intention.
Ritho is offline   Reply With Quote
Old 17. Aug 2011, 10:49 PM   #5 (permalink)
Senior Member
 
wdhpr's Avatar
 
Join Date: Sep 2008
Location: The north Coast
Posts: 1,513
Default Speak of the devil

Just received this e-mail today:

Earlier this week, the Go Daddy Information Security Team detected suspicious activity within our hosting environment. The investigation concluded someone was targeting customers' hashed FTP (Web hosting) credentials. The activity was stopped and we continue to monitor the situation.

Your Web hosting account for weedhop.com was NOT impacted. (R U SURE?)
As a precaution, however, we have reset your FTP password.

If you use a content management system to manage your content, no further action is required.

If you do use FTP to manage your website, you will need to change your password before reconnecting. For instructions on how to change your FTP password, see our article, Resetting Your Hosting Account Password (FTP Password). (Beat you to it)

If you have any questions, please call our live, 24/7 customer support at 480-505-8877.

Sincerely,

Go Daddy Security Team

What timing
wdhpr is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT +1. The time now is 02:35 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.