Malware Site redirection

13 replies
I am sure that many members would have experienced this problem. Recently when I typed in the URLs of my sites, they were being directed to some other sites. Finally after wasting a lot of time and effort, I found out that Malware has infected my site files. When I brought this to the notice of my hosting company, they did some cursory scanning and said they could do nothing about it and referred me to their partner site which handles malware.

Now, I firmly believe these hosting companies allow such malware to sneak into your sites so that they can sell you the services of their partners !

What I would like to know is whether anyone can suggest the best route to handle this- which is a good malware removal/repair/protection company charging reasonable fees. Shall be grateful for any other advice the Warriors can give me.
#malware #redirection #site
Avatar of Unregistered
  • Profile picture of the author tritrain
    Move your sites to a better host. If you are on a shared IP it is possible that you're in a bad "neighborhood".

    After you move to a different host, request that your site be relisted as free of malware.
    Signature
    Domains for sale - see seopositions.net
    {{ DiscussionBoard.errors[11339101].message }}
  • Profile picture of the author Steve B
    Originally Posted by aries16 View Post

    Now, I firmly believe these hosting companies allow such malware to sneak into your sites so that they can sell you the services of their partners !

    IMO, you don't have any evidence to suggest that this is the case. Malware can strike from anywhere ... often through your own downloads, web surfing, software installations, and many other avenues. The hosting company is not responsible for your online activity and engagement with malware distributors.

    Obviously, some hosting companies are more concerned about their client's security than others.

    There are both paid and free malware solutions and I would suggest you do your due diligence and find the best one for your own particular situation. Another alternative would be to go to one of the freelancer sites and post a project there - no doubt there are lots of professionals that have experience with removing malware that you could hire at a reasonable cost to do this for you.

    Good luck to you,

    Steve
    Signature

    Steve Browne, online business strategies, tips, guidance, and resources
    SteveBrowneDirect

    {{ DiscussionBoard.errors[11339121].message }}
  • Profile picture of the author OptedIn
    So, you're saying that you don't have one, two, three and 4 week backups that you can use to restore your sites to an uninfected state with a few clicks of a mouse?

    Really??
    Signature

    "He not busy being born, is busy dying." - Bob Dylan • "I vibe with the light-dark point. Heavy." - Words that Bob Dylan wishes he had written.

    {{ DiscussionBoard.errors[11339202].message }}
  • Originally Posted by aries16 View Post

    Now, I firmly believe these hosting companies allow such malware to sneak into your sites so that they can sell you the services of their partners!
    You are a very special person. It's takes a wise person to make a deep inference to consider that your webhosting company might be in a unethical deal with their partner site. It means you analyze all options, and sometimes.... the darkest reality is often the truth of the matter.

    But more than likely... they're NOT behind this. I DONT think they would jeopardize their business for a "side cut".

    I'll tell you what to do:

    Download Filezilla (an FTP program), and download your entire website to your desktop.

    Then scan and clean THOROUGHLY each and every folder and file on your site. AND on your computer. Buy a good malware/virus/adware/etc software that will detect ANYTHING harmful.

    The ones that are detected as having malware/something fishy, delete them. Then recreate them (if you need them). Once you have scanned all of your files, you have 2 choices:

    1) Transfer them back to your website, or...

    2) Upload them onto another webhosting company.

    If you really feel convinced about your current webhosting company, then go with option #2.
    Signature

    {{ DiscussionBoard.errors[11339207].message }}
    • Profile picture of the author OptedIn
      Originally Posted by Randall Magwood View Post

      If you really feel convinced about your current webhosting company, then go with option #2.
      Don't forget Option No. 3. ALWAYS backup your website, at least weekly with at least 4 iterations of your site, going backwards. To not do so is Internet malpractice.

      Don't count on your hosting company to do this, regardless of what they claim. These are YOUR assets. Protecting them is YOUR responsibility.
      Signature

      "He not busy being born, is busy dying." - Bob Dylan • "I vibe with the light-dark point. Heavy." - Words that Bob Dylan wishes he had written.

      {{ DiscussionBoard.errors[11339224].message }}
    • Profile picture of the author aries16
      Many thanks. I was with a particular hosting company for many years without any such problems. I recently shifted to a new one for the free SSL certificates and got into this mess. Fortunately, I didn't cancel the old hosting account or delete any files or folders and so I shall go back to them ASAP.

      Thanaks again for the advice.
      Signature
      {{ DiscussionBoard.errors[11339456].message }}
      • Profile picture of the author OptedIn
        Originally Posted by aries16 View Post

        I recently shifted to a new one for the free SSL certificates and got into this mess..
        "Free.' The scariest word in the English language.

        There is no such thing as a free lunch. You'll always wind-up paying in one way, or another.
        Signature

        "He not busy being born, is busy dying." - Bob Dylan • "I vibe with the light-dark point. Heavy." - Words that Bob Dylan wishes he had written.

        {{ DiscussionBoard.errors[11339491].message }}
  • Just moving the site to new server or by restoring previous would not solve the problem as there is a 90% chance to get attacked again.

    So you need to first detect the files which are infected and then fix them and take strict security action so it won't happen again.

    First thing I would like to check manually is the .htaccess file into your root folder, you might find some bad code there, so if you find any thing suspicious, remove them and after saving the file, change the file permission to 600.

    If you're using wordpress then I am giving 3 plugin recommendation which you use to scan and find the issues. If you're not using wordpress then you can visit their website and scan your website manually.
    {{ DiscussionBoard.errors[11339561].message }}
  • Forgot to attach the names

    - SUCURI
    - Wordfence
    - SiteLock
    {{ DiscussionBoard.errors[11339563].message }}
  • Profile picture of the author vishwa
    Malware sometimes come through nulled themes and plugins. Working with legitimate and professional web hosting company can save your time and money as well. If you are not satisfied with your current provider then move on to good hosting providers like Siteground.
    Signature

    Check out my blog @ https://www.technobyet.com

    {{ DiscussionBoard.errors[11339840].message }}
  • Profile picture of the author romanepo
    Malware changed some of your code,thats why your site redirected another site.Always try to use reliable source code,otherwise it will be trouble.If malware scanner did not trace issue,you can reset default code and debug re-directional code.
    Signature
    VPS from $9.99/m | GoGetSpace.com
    TECHNOLOGY Service Provider | LayerSYSTEM.com
    {{ DiscussionBoard.errors[11339888].message }}
  • Profile picture of the author Kingfish85
    99% of the time these issues are due to vulnerable scripts that are either not kept up to date to patch known vulnerabilities OR they simply have poor coding. The best resolution is to have a security oriented developer review all files and content that you have on the account.

    Many tend to blame the hosting provider however, there's a scope outlined by the provider of what their responsibility is and what the website/account owners responsibility is. The host maintains the server, network etc. The account/website owner maintains the website and applications hosted within the hosting plan itself.

    Additionally, because many of these exploits tend to use valid scripts to send their SPAM, they can go undetected and also be dormant for quite some time. A legitimate script may not be malicious but can be used in a malicious manner. The other issue is when exploits are able to be executed that allow other SPAM scripts to be created & then executed. This is usually in the form of files with randomly generated file names & contain encoded content with something such as base64.
    {{ DiscussionBoard.errors[11342655].message }}
Avatar of Unregistered

Trending Topics