16 {{ upvoteCount | shortNum }}
16 {{ upvoteCount | shortNum }}

My site has been hacked!? How do I stop em?

by charliemwallace
14 replies
Hey everyone.

I just did a google search on my site to find it has been hacked by someone who has put a whole lot of porn on my site! When I did a search on google this is what it came up with (excuse the following language please!)

WEBSITE TITLE HERE
www.my url here.com/
13 Jan 2011 - My site description here
Affiliates - Clit Big Fat 5107 - Mom Mature Incest 9591 - Chubby Perteens 2048

The last line is obivously links, and obviously I changed the top two lines, I am just about to go on and delete all of them, which after further investigation there are a lot of them!

How would these people have got in and how do I stop them doing it again and is there anything I need to be worried about? All my emails are fine and my product is sold through clickbank so they wouldn't have been able to get any of my sales details.

Any help would be greatly appreciated!

Thank you!

Charlie.
#hacked #site #stop
  • Profile picture of the author charliemwallace
    Ok this seems to be much more of a problem than I first expected, I just went to delete all the hackers files only to find that I can't see them in normal FTP??
    {{ DiscussionBoard.errors[5387892].message }}
  • Profile picture of the author pandadoodle
    You need to contact your host to restore your site to the last backup, then any folders you have set to 777 change to 644 or similar. Just google CHMOD file security and settings.

    If your using wordpress make sure that its upto date to the latest version same applies for any themes and plugins you are using also.
    Signature
    Web Design Cardiff - Panda Doodle
    {{ DiscussionBoard.errors[5387909].message }}
  • Profile picture of the author STEVEN VEE
    Hi Charlie
    If its a Wordpress site install "BulletProof Security" (search under plugin menu-new) that prevents all attempts at hacking.
    {{ DiscussionBoard.errors[5387920].message }}
    • Profile picture of the author pandadoodle
      Originally Posted by STEVEN VEE View Post

      Hi Charlie
      If its a Wordpress site install "BulletProof Security" (search under plugin menu-new) that prevents all attempts at hacking.
      Signature
      Web Design Cardiff - Panda Doodle
      {{ DiscussionBoard.errors[5387935].message }}
    • Profile picture of the author fashion master
      You might even try your internet provider. I know AOL, Yahoo, Comcast and a few others provide free spam blocking.
      {{ DiscussionBoard.errors[5387937].message }}
  • Profile picture of the author charliemwallace
    Cool thanks guys, it's not a wordpress site, but I've contacted my host so hopefully on its way to being fixed!

    You guys are awesome!
    {{ DiscussionBoard.errors[5387951].message }}
    • Profile picture of the author pandadoodle
      Originally Posted by charliemwallace View Post

      Cool thanks guys, it's not a wordpress site, but I've contacted my host so hopefully on its way to being fixed!

      You guys are awesome!
      Are you using any free scripts?

      If its just a plain and simple static site, I would check your folder and file permissions first before anything else.
      Signature
      Web Design Cardiff - Panda Doodle
      {{ DiscussionBoard.errors[5387970].message }}
  • Profile picture of the author charliemwallace
    I am using a free script for my support. Would that be the way they would get in?
    {{ DiscussionBoard.errors[5387980].message }}
    • Profile picture of the author pandadoodle
      Originally Posted by charliemwallace View Post

      I am using a free script for my support. Would that be the way they would get in?
      its a strong possibility, look to see if there are updates or google product name + hacked etc to see, but thats where i would edge my bets at the moment.

      Get your host to restore a backup, change all passwords, remove / disable that script for a little while or better still replace it, check all folder and file permissions.
      Signature
      Web Design Cardiff - Panda Doodle
      {{ DiscussionBoard.errors[5387993].message }}
  • Profile picture of the author treka
    As a short term fix while you are improving your security you can usually find out the IP address of the offender (by looking in your servers logs - accessible from cpanel) and then block the IP. This is by no means a fix to your problem but I had a case where I was repeatedly hacked by the same person and it slowed them down enough while I was working out how they got in. Also normally these guys are looking for the easy hack so if you block them they will usually move on. You will still need to address your server security though and your hosting provider should be able to help
    {{ DiscussionBoard.errors[5388020].message }}
  • Profile picture of the author supershoesclub
    You should learn more about the site security.use the long and difficult password to your web host and admin control panel.you also should set up the permission of the folder with high level.Never post your login page and password info to your friends online.If you have been hacked ,you can contact the host provider to restore your old data and the files.In my opinion,Protection is more important to resolve the hacking problem.Hope you can resolve it well.
    Signature
    cheap fashion women bags
    {{ DiscussionBoard.errors[5388183].message }}
  • Profile picture of the author Chris Chicas
    Who is your hosting company?
    Signature
    TwinFlameSecret.com
    {{ DiscussionBoard.errors[5388207].message }}
  • Profile picture of the author AndreasJacobsen
    good luck, sounds bad... When it comes to hacking, I am not a very big help unfortunately!
    {{ DiscussionBoard.errors[5388214].message }}
  • Profile picture of the author richardtj
    A word of advice- make sure you're using an apache driven server (linux) and always hand code everything. Learn to mod htaccess as well. Windows servers are IMHO far more vulnerable.
    {{ DiscussionBoard.errors[5388499].message }}

Trending Topics