Hacking link problem...
5 posts by 3 authors in: Forums > CMS Builder
Last Post: November 29, 2011 (RSS)
By (Deleted User) - November 28, 2011 - edited: November 29, 2011
I have had a problem in the past with using wordpress and weird hacking problems... I use the CMS on one of my websites that does not use wordpress and am having a similar problem. Any chance that I need to update the software of CMS on the site?
Below is a little more of what I sent to my hosting company:
Hi - I need your help. We've just been passed along an email from the pharmaceutical company No vartis asking us to remove a trademarked name "Dio van" from pmaonline.com. We think there must have been a hacking of the site or something because the link they gave us is :
(removed link)
this link does not exsist on our website -- and there is no directory in medical_staff/greybox called "notes" or any other PHP issue... I am having a hard time figuring out how this is a problem.... when I google the link I get a page like this (Removed link) that lists the pmaonline.com on a list in the middle of the page... we never put this there and I'm not sure why it's there.... I plan on removing the word Diovan from the trial page on the pma website... but I wanted to figure out where and how this happened.
Can you help me being to sort this out? I don't want this to happen again.
Thanks, -Cheryl
Re: [cfdesign] Hacking link problem...
By Dave - November 28, 2011
I did a quick search on google for specific hacked pages but it didn't return anything. It did say that your site may have been compromised, though. See:
http://www.google.ca/search?q=site:pmaonline.com
We've never had a security issue with our software, but have heard of lots of hacked site reports. The culprit is often common open-source scripts. These are so popular that hackers spend the time to write automated scanners that check thousands of sites for known vulnerable scripts.
As a first step, I'd check to see if anything has been added to the /.htaccess file in the root of your website. Sometimes they add some code there to only show pages when a user links in from a search engine which would explain why you can't always see the page yourself.
Can you let me know if you see anything out of the ordinary in your /.htaccess? Make sure your FTP program shows .htaccess files and check in these folders (also check for php.ini files):
/medical_staff/greybox/
/medical_staff/
/
Hope that helps. Let me know what you find. Thanks!
interactivetools.com
Re: [Dave] Hacking link problem...
By (Deleted User) - November 29, 2011
Re: [cfdesign] Hacking link problem...
By InHouse - November 29, 2011
This assumes that the problem wasn't just a weak FTP username/password, or a myriad of other possible curses. [;)]
J.
Re: [InHouse] Hacking link problem...
By (Deleted User) - November 29, 2011