
Site Attacked

DrLeftover

FYI- if you have a website (not a FB page or a blog)....

My 'adult story' website was attacked over the weekend by a javascript robot that managed to infect every page, over 200 individual pages of HTML, with a line of code that was supposed to take readers to another page, supposedly from the "Huffington Post", on the site that would redirect them to an outside site that sold a worthless adult product.

It was a straight up scam.

Fortunately, I noticed in a reasonably short time and have a recent clean backup to restore the site from.

I talked to my host's tech support and they said that this has been happening a lot lately, and there is no real security to prevent it except to do what I have already done: change all the passwords to the site, delete any unused accounts associated with it, and restore it from my backup (which I will do tonight), which I checked and it is clean.

The code it injected on the pages was identical:
<!--317008--><script type="text/javascript" language="javascript" >
much blank space where other code was supposed to be
</script><!--/317008-->

The extra page was inserted in the main directory. Once I looked at it and saw what it was, it was deleted as well.

This is the first time this has ever happened to one of my sites, but it is why I do a FULL backup at least every other month.


 
This is the first time this has ever happened to one of my sites, but it is why I do a FULL backup at least every other month.
There's a first time for everything. Thank goodness you do full backups!
 
FTP works both ways.

It was easy to spot because the internal pages have no javascript on them at all. And on the main index page, the only script is for the Amber Alert.

I try to keep stuff simple because, face it, I'm fairly stupid and am doing this by myself without using WYSIWYG editing software.
 
And to top it all off, the site is now blacklisted by https://www.stopbadware.org/my-site-has-badware

And they want a donation to un-list it.

I submitted it for a 'free review', but I'm not going to hold my breath.

I'm now on my way to the conspiracy forum with an idea about who did the dirty work in the first place....
 
Oh, Doc, this is getting worse by the minute. I'm so sorry this crap is happening. That site you linked us to looks weird to me. Maybe they did it to make money. :mad:
 
No.

I talked to tech support and they said there had been several sites compromised at more or less the same time.

I deleted all HTML files and quite a bit of everything else just in case a 'seed' was left somewhere. Changed the password and deleted a backup account that I seldom use.

If it happens again, support said they'd wipe it and then I could reload from scratch.
 
My wife's site keeps getting attacked as well. We get e-mail messages every day of someone trying to hack our system. Good thing we have a blocker system in place.

My wife says that if you have WordPress for your site, use WordFence and Security plug-ins. These have helped out tremendously for her.
 
Well it's good you got it removed. I know sometimes that these smart a$$e$ can put something in your computer that takes many different roads to take care of.
 
The infection was on the files on the host's server. Fortunately, the backup files I had were clean.

It has been restored, and, evidently, the ratings people have removed it from their blacklist.


I checked the source code on several of the pages this morning, and they have stayed that way, at least for now.
 
Again, gr8 work getting it all fixed. Now you can continue to drive forward with your stuff. :D
 
understood

But that is exactly what I want them to do, but only when I want them to do it.

So far, as of last night, the site is still clean.

Unless the javascript bot hits it again, it is good to go and I can handle it.

On a home page like Off Topix's, I don't know how you'd ever find a line or two of script that shouldn't be there.
 
Let's hope it stays clean.
DrLeftover said:
On a home page like Off Topix's, I don't know how you'd ever find a line or two of script that shouldn't be there.
Shouldn't be that hard really. Despite it being built dynamically from quite a number of files and database entries, it's pretty easy to find things.
I'd be more worried about the database and the server itself.
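
An added example, not part of the original thread or any poster's own tooling: one way to check a static site after a restore like the one described above. It compares the live web root against the clean backup and flags files missing from the backup, files whose contents changed, script blocks wrapped in matching numeric comment markers (the shape quoted in the first post), and any script tag on a page that should have none. The directory layout, file names, and the `script_ok` allowlist are assumptions, and the sample pages are constructed.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# <!--NNN--><script ...> ... </script><!--/NNN-->, the wrapper shape quoted in the thread
MARKER = re.compile(r"<!--(\d+)-->\s*<script\b.*?</script>\s*<!--/\1-->",
                    re.I | re.S)
SCRIPT = re.compile(r"<script\b", re.I)

def sha256(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def audit(live, backup, script_ok=()):
    """Compare a live web root with a clean backup; return (relpath, finding) pairs."""
    live, backup = Path(live), Path(backup)
    findings = []
    for f in sorted(p for p in live.rglob("*") if p.is_file()):
        rel = f.relative_to(live).as_posix()
        ref = backup / rel
        if not ref.is_file():
            findings.append((rel, "not in backup"))        # e.g. an inserted extra page
        elif sha256(f) != sha256(ref):
            findings.append((rel, "differs from backup"))
        if f.suffix.lower() in (".html", ".htm"):
            text = f.read_text(errors="replace")
            if MARKER.search(text):
                findings.append((rel, "marker-wrapped script"))
            elif SCRIPT.search(text) and rel not in script_ok:
                findings.append((rel, "unexpected script tag"))
    return findings

def demo():
    """Build constructed sample trees in a temp dir and audit them."""
    with tempfile.TemporaryDirectory() as d:
        live, backup = Path(d, "live"), Path(d, "backup")
        for root in (live, backup):
            root.mkdir()
            (root / "index.html").write_text("<html><script src='amber.js'></script></html>")
            (root / "story1.html").write_text("<html><p>text</p></html>")
        infected = ('<html><p>text</p><!--317008--><script type="text/javascript">'
                    "\n   \n</script><!--/317008--></html>")
        (live / "story1.html").write_text(infected)         # constructed infected page
        (live / "news.html").write_text("<html>constructed extra page</html>")
        return audit(live, backup, script_ok={"index.html"})
```

Run `audit()` from a machine that holds the backup, against a fresh download of the web root, so the comparison does not depend on anything stored on the host.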
 