All my sites have been HIJACKED

by mikeb1
74 replies
Hi All

I would appreciate any help, I have had everyone of my websites hacked, 18 months of toil and around 100 websites all gone, and from what Ive been reading on yahoo answers etc, there is not a darn thing I can do about it.
Any help much appreciated.

Best Mike.
#hijacked #sites
  • Profile picture of the author CDarklock
    Originally Posted by mikeb1 View Post

    I have had everyone of my websites hacked, 18 months of toil and around 100 websites all gone
    Have we learned anything?

    Keep backups, use strong passwords, login only with SSH, upload only with SFTP?
    Signature
    "The Golden Town is the Golden Town no longer. They have sold their pillars for brass and their temples for money, they have made coins out of their golden doors. It is become a dark town full of trouble, there is no ease in its streets, beauty has left it and the old songs are gone." - Lord Dunsany, The Messengers
    {{ DiscussionBoard.errors[2650345].message }}
  • Profile picture of the author mikeb1
    SSH ? SFTP ?

    Can you eloborate
    cdarlock
    Signature
    Affiliate links are not allowed.
    {{ DiscussionBoard.errors[2650377].message }}
    • Profile picture of the author Exfilius
      Where were they hosted at?
      {{ DiscussionBoard.errors[2650406].message }}
      • Profile picture of the author miklanderson2
        I hate to the be the bearer of bad news but there may not be much you can do except to restore the sites from back-up. If you don't have back-ups it may be a total loss...
        Signature

        "A bargain is something you don’t need at a price you can’t resist."
        -Franklin Jones

        {{ DiscussionBoard.errors[2650488].message }}
        • Profile picture of the author Ambius
          Originally Posted by miklanderson2 View Post

          I hate to the be the bearer of bad news but there may not be much you can do except to restore the sites from back-up. If you don't have back-ups it may be a total loss...

          google archives a ton of data. search for your pages and instead of clicking the link, click "cached" and then save a copy of the page. It's slow and tedious, but maybe faster than rebuilding your old pages.

          There are also web services that try to crawl and archive historical copies of the entire internet. You may find your pages there. try sites like www . archive . org/web/web.php
          {{ DiscussionBoard.errors[2654155].message }}
    • Profile picture of the author CDarklock
      Originally Posted by mikeb1 View Post

      SSH ? SFTP ?
      If you use a shell login to your account, or you transfer files with an FTP program, make sure you're using an encrypted connection to the server. Base-level telnet and FTP send your username and password "in the clear," and anyone on the network might see them.

      If you do everything through your control panel, make sure it's with an https: connection and not basic http: when you log in.

      If you log into a shell, make sure it's over SSH. Most telnet clients support SSH, if you configure the service and port number. The normal port for this service is 22.

      If you use an FTP program, make sure you use SFTP. Again, most FTP clients support this protocol. This service also usually operates on port 22.

      If you can't connect to the service on port 22, contact your host and ask if it's on another port. Many hosts will put the SSH/SFTP service on a different port so it's harder for hackers to find.

      My own server used to receive several hundred hack attempts every hour when SSH was on port 22. I moved it to a different port, and the hack efforts stopped almost completely. Now I get a couple dozen a month, at most.

      It doesn't matter how small and unimportant you might be, people are trying to hack your server.
      Signature
      "The Golden Town is the Golden Town no longer. They have sold their pillars for brass and their temples for money, they have made coins out of their golden doors. It is become a dark town full of trouble, there is no ease in its streets, beauty has left it and the old songs are gone." - Lord Dunsany, The Messengers
      {{ DiscussionBoard.errors[2650407].message }}
      • Profile picture of the author mikeb1
        Originally Posted by CDarklock View Post

        If you use a shell login to your account, or you transfer files with an FTP program, make sure you're using an encrypted connection to the server. Base-level telnet and FTP send your username and password "in the clear," and anyone on the network might see them.

        If you do everything through your control panel, make sure it's with an https: connection and not basic http: when you log in.

        If you log into a shell, make sure it's over SSH. Most telnet clients support SSH, if you configure the service and port number. The normal port for this service is 22.

        If you use an FTP program, make sure you use SFTP. Again, most FTP clients support this protocol. This service also usually operates on port 22.

        If you can't connect to the service on port 22, contact your host and ask if it's on another port. Many hosts will put the SSH/SFTP service on a different port so it's harder for hackers to find.

        My own server used to receive several hundred hack attempts every hour when SSH was on port 22. I moved it to a different port, and the hack efforts stopped almost completely. Now I get a couple dozen a month, at most.

        It doesn't matter how small and unimportant you might be, people are trying to hack your server.
        Thanks for the info really appreiate it. is there nothing I can do to get my sites back ?
        mike,

        Originally Posted by Exfilius View Post

        Where were they hosted at?
        midpahse is my hosting company
        Signature
        Affiliate links are not allowed.
        {{ DiscussionBoard.errors[2650461].message }}
        • Profile picture of the author CDarklock
          Originally Posted by mikeb1 View Post

          is there nothing I can do to get my sites back ?
          Not if you don't have backups. Most web hosts offer backup services, but they cost extra, because many people operate their own backup systems and don't want to pay for another one.

          It's possible that most of your sites' data can be resurrected from the hard drives, but you'll pay a few hundred dollars for someone to try, and there's no guarantee they'll get anything. Check into "hard disk data recovery" on a search engine.
          Signature
          "The Golden Town is the Golden Town no longer. They have sold their pillars for brass and their temples for money, they have made coins out of their golden doors. It is become a dark town full of trouble, there is no ease in its streets, beauty has left it and the old songs are gone." - Lord Dunsany, The Messengers
          {{ DiscussionBoard.errors[2650477].message }}
          • Profile picture of the author mikeb1
            Originally Posted by CDarklock View Post

            Not if you don't have backups. Most web hosts offer backup services, but they cost extra, because many people operate their own backup systems and don't want to pay for another one.

            It's possible that most of your sites' data can be resurrected from the hard drives, but you'll pay a few hundred dollars for someone to try, and there's no guarantee they'll get anything. Check into "hard disk data recovery" on a search engine.
            thanks again CD
            Signature
            Affiliate links are not allowed.
            {{ DiscussionBoard.errors[2650508].message }}
            • Profile picture of the author intense
              I'm so tired of hackers defacing websites. It is really annoying, but it just teaches people a lesson and that is to back up your website.
              {{ DiscussionBoard.errors[2650524].message }}
  • Profile picture of the author ~kev~
    There was a linux exploit announced exactly 1 week ago - during the past week, an unknown number of servers have been hacked, and who knows how many sites have been defaced or taken down.

    But, its your responsibility to backup your sites.
    {{ DiscussionBoard.errors[2650476].message }}
  • Profile picture of the author nelsencaleb
    Banned
    Originally Posted by mikeb1 View Post

    Hi All

    I would appreciate any help, I have had everyone of my websites hacked, 18 months of toil and around 100 websites all gone, and from what Ive been reading on yahoo answers etc, there is not a darn thing I can do about it.
    Any help much appreciated.

    Best Mike.
    I think you should try contacting the companies. You can show them your bank records, as they should have records of your payments over the last 18 months. I'm sure they do. Check this out
    Signature

    asdfdsfds

    {{ DiscussionBoard.errors[2650527].message }}
    • Profile picture of the author harrist
      Originally Posted by nelsencaleb View Post

      I think you should try contacting the companies. You can show them your bank records, as they should have records of your payments over the last 18 months. I'm sure they do. Check this out
      Thanks Man your Idea helping me a lot
      {{ DiscussionBoard.errors[2735799].message }}
  • Profile picture of the author rts2271
    You have to contact your hosting company and see what kind, if any backups they have.
    {{ DiscussionBoard.errors[2650541].message }}
    • Profile picture of the author mikeb1
      Originally Posted by rts2271 View Post

      You have to contact your hosting company and see what kind, if any backups they have.
      have contacted my hosting company waiting on reply. I have some back up on some sites, but probably not the ones I want to retrieve

      Originally Posted by nelsencaleb View Post

      I think you should try contacting the companies. You can show them your bank records, as they should have records of your payments over the last 18 months. I'm sure they do. Check this out
      nelson
      contact the companies ? most of my sites were costume sites geared up for Halloween, affiliated to buy costumes in the U.S. so what could I do here ?

      Mike.

      Hi All again

      I have all my content backed up for my sites, can I just delete the sites and re-install with better secuirty etc ?

      Mike.
      Signature
      Affiliate links are not allowed.
      {{ DiscussionBoard.errors[2650578].message }}
  • Profile picture of the author CDarklock
    Originally Posted by mikeb1 View Post

    I have all my content backed up for my sites, can I just delete the sites and re-install with better secuirty etc ?
    Yes!

    Congrats, it sucks to get hacked without any backups. Glad to hear you've got some.
    Signature
    "The Golden Town is the Golden Town no longer. They have sold their pillars for brass and their temples for money, they have made coins out of their golden doors. It is become a dark town full of trouble, there is no ease in its streets, beauty has left it and the old songs are gone." - Lord Dunsany, The Messengers
    {{ DiscussionBoard.errors[2650802].message }}
    • Profile picture of the author mikeb1
      Originally Posted by CDarklock View Post

      Yes!

      Congrats, it sucks to get hacked without any backups. Glad to hear you've got some.
      CD
      Youv`e taken great time to help a FOOL thanks man.

      Mike.

      Originally Posted by dv8domainsDotCom View Post

      Normally, yes. This depends on the nature of your websites whether you can recover "easily" or not. If your sites are wordpress or joomla, for example, you also have databases to worry about. May not be the case if they are just "flat" files (HTML or php usually). Before deleting the "root" content of a particular domain, try uploading your backups to a test folder (for instance, so you can browse to it and view at domain.com/test ) . This is a pretty ok way to see if your backup files might be enough. Hope this gets you started.
      Now: side-note: new G*da**y Linux hosting plans (and reseller clones such as myself) keep a 30 day rolling backup (nightly) of files on hosting account. Recovery/rollback is fairly easy and provided right inside the control center as often as needed, no charge. Not a bad feature, almost makes the slowness nearly worthwhile lol. Good luck!
      thanks for input, and to all you guys who tooki time to answer a rookie,WF rocks.
      mike.
      Signature
      Affiliate links are not allowed.
      {{ DiscussionBoard.errors[2650881].message }}
  • Profile picture of the author dv8domainsDotCom
    Originally Posted by mikeb1 View Post

    Hi All again

    I have all my content backed up for my sites, can I just delete the sites and re-install with better secuirty etc ?

    Mike.
    Normally, yes. This depends on the nature of your websites whether you can recover "easily" or not. If your sites are wordpress or joomla, for example, you also have databases to worry about. May not be the case if they are just "flat" files (HTML or php usually). Before deleting the "root" content of a particular domain, try uploading your backups to a test folder (for instance, so you can browse to it and view at domain.com/test ) . This is a pretty ok way to see if your backup files might be enough. Hope this gets you started.
    Now: side-note: new G*da**y Linux hosting plans (and reseller clones such as myself) keep a 30 day rolling backup (nightly) of files on hosting account. Recovery/rollback is fairly easy and provided right inside the control center as often as needed, no charge. Not a bad feature, almost makes the slowness nearly worthwhile lol. Good luck!
    Signature
    Support a Warrior, Save Money!
    Rock Bottom Prices on Domains and Website Hosting
    {{ DiscussionBoard.errors[2650876].message }}
  • Profile picture of the author lacraiger
    call them and have them do a rollback. its happened to me before and its an easy fix.
    {{ DiscussionBoard.errors[2650905].message }}
    • Profile picture of the author IMStudentforlife
      Keeping back ups is the best thing you can do, and make them redundant backups. Save on thumb drives, DVDs and online drives because its not just hackers that can get you. Mother nature can be really nasty..

      But if you are over the barrel and there's someone pickin' a banjo and it seems to be a bad rendition of deliverance.. well don't worry..

      If your lucky, really lucky and you've had your site for awhile sometimes you can get most of your posts and what not from
      Internet Archive: Wayback Machine

      Its not a total fix, not like having backups would be but sometimes it can be a fail safe!
      Signature
      Old School SEO and IM, 1MediaZone

      Running low on inspiration?
      The Strangest Secret in the World
      {{ DiscussionBoard.errors[2651228].message }}
    • Profile picture of the author mikeb1
      Originally Posted by lacraiger View Post

      call them and have them do a rollback. its happened to me before and its an easy fix.
      have asked for this lets see what happens

      ta mike

      Originally Posted by IMStudentforlife View Post

      Keeping back ups is the best thing you can do, and make them redundant backups. Save on thumb drives, DVDs and online drives because its not just hackers that can get you. Mother nature can be really nasty..

      But if you are over the barrel and there's someone pickin' a banjo and it seems to be a bad rendition of deliverance.. well don't worry..

      If your lucky, really lucky and you've had your site for awhile sometimes you can get most of your posts and what not from
      Internet Archive: Wayback Machine

      Its not a total fix, not like having backups would be but sometimes it can be a fail safe!
      nope nothing there on the few I tried, the sites I want back are only a few months old and the ones I have tired on the wayback machine produced no results.

      will have a look at that

      Originally Posted by Daniel44 View Post

      I now have my own VPS after the same thing happened to me. It is the only way to completely control what goes in and out of your system. My home computer is the only one with the encryption key to access the server and it is firewalled and locked down after what happened before.

      I lost a forum with over 2000 members, 100 of them were paying members...
      thats a killer dan, the wrenched gut feeling I had must have been a whole lot worse for you, ouch

      Originally Posted by Drizlek View Post

      I have had this happen in the past. Now, I hope that you have been keeping up to date backups of your own sites. If not, then you should try and contact your hosting company. I know some of them actually backup their customers sites every day to every week depending on the hosting company.

      And I know it's a pain, but update your passwords. Make them long and confusing. Yes, I realize that it's hard to keep remembering all these things (there are days I am so grateful for password retrieval/resets it's not even funny) But you could always keep a spreadsheet with all your login information. Then for added protection zip it up and password protect that or name it something random on your computer (not passwords.xlsx or something easy to find for anyone else)
      yeah have started to build manually but what a pain, been using spread sheet for passwords, but I think passwords is not the problem, as CD says its probaly been hacked through my FTP. As he says this is availble to view for anyone using the sh1t as me.

      Originally Posted by Caleb Spilchen View Post

      It's not always something on your sites that causes the problem...

      It can be your computer... Make sure you load it up with a good anti virus.

      Biggest Mistake: Using Windows Defender.

      I ruined 20 Websites, lost thousands of dollars in reports..

      And I bounced back.. .a much smarter person

      Caleb
      been using same anti virus and adware for 18 months anmd never been hacked
      Signature
      Affiliate links are not allowed.
      {{ DiscussionBoard.errors[2653513].message }}
  • Profile picture of the author spearce000
    When you get your site uploaded, look at the file permissions. In particular, look for any files with chmod 777. On a shared hosting account this is like leaving the back door unlocked for hackers. Consider changing them to 755 or 744. The site explains the subject in detail: Changing File Permissions WordPress Codex
    Signature
    WordPress Security Clampdown – was just for the War Room, now available to all Warriors. Protect your WordPress site from hackers. No opt-in required.
    {{ DiscussionBoard.errors[2651878].message }}
    • Profile picture of the author FredJones
      Gosh, you guys are talking UNIX

      There are some excellent secure shell connections. If nothing, download CygWin.

      Secure shell can also be used if you have PUTTY though I have never tried to do any of these for my web hopsting company (hostgator). But in general, yes, these are some of the best ways to go. And yes chmod is also a good option - I would prefer 744 over 755.
      Signature

      $1 gold: WSO That Instantly Transforms You Into A Content Production Engine

      $2.95 GoDaddy .com domains today: Click here.
      I am offering a free website - get it now (and they offer you a free domain with this).
      Find high-commission easy Amazon niches within 5 seconds here.

      {{ DiscussionBoard.errors[2652489].message }}
  • Profile picture of the author ECS Dave
    I was once a midphase customer... NEVER AGAIN!

    Check out a few hosts I am happy with at Top 3 Webhosting Companies - I am still a customer with all 3 of them!

    Be Well!
    ECS Dave
    {{ DiscussionBoard.errors[2652519].message }}
    • Profile picture of the author rts2271
      File permissions are definitely the bane of WP installs. Well that and there weekly exploit.
      {{ DiscussionBoard.errors[2652547].message }}
    • Profile picture of the author Drizlek
      I have had this happen in the past. Now, I hope that you have been keeping up to date backups of your own sites. If not, then you should try and contact your hosting company. I know some of them actually backup their customers sites every day to every week depending on the hosting company.

      And I know it's a pain, but update your passwords. Make them long and confusing. Yes, I realize that it's hard to keep remembering all these things (there are days I am so grateful for password retrieval/resets it's not even funny) But you could always keep a spreadsheet with all your login information. Then for added protection zip it up and password protect that or name it something random on your computer (not passwords.xlsx or something easy to find for anyone else)
      {{ DiscussionBoard.errors[2652558].message }}
  • Profile picture of the author Caleb Spilchen
    It's not always something on your sites that causes the problem...

    It can be your computer... Make sure you load it up with a good anti virus.

    Biggest Mistake: Using Windows Defender.

    I ruined 20 Websites, lost thousands of dollars in reports..

    And I bounced back.. .a much smarter person

    Caleb
    Signature

    Caleb Spilchen

    {{ DiscussionBoard.errors[2652605].message }}
  • Profile picture of the author JonAlfredsson
    Glad you've restored all your contents back. What I know is you can reinstall with better security solution. You just need to contact your service provider and tell them what you want to do on your sites.

    Don't forget to back up starting today.
    Signature

    {{ DiscussionBoard.errors[2652621].message }}
  • Profile picture of the author pydy9916
    I was a midphase customer 3 years ago when I first started out...first site was hacked in a matter of weeks, from someone in Europe ( I was able to trace the idiot).

    Midphase advised me not to give out my password to people!..I proceeded to tell them they are idiots with lousy security and closed the account. Hostgator is the only one for me know.
    {{ DiscussionBoard.errors[2652643].message }}
  • Profile picture of the author Daniel44
    I now have my own VPS after the same thing happened to me. It is the only way to completely control what goes in and out of your system. My home computer is the only one with the encryption key to access the server and it is firewalled and locked down after what happened before.

    I lost a forum with over 2000 members, 100 of them were paying members...
    {{ DiscussionBoard.errors[2652715].message }}
  • Profile picture of the author poker princess
    Thatz the only reason, we have strong passwords and lots of backup plans carried out for each and every single account

    Cdarklock has given great info, appreciated
    Signature
    Poker Software
    Poker Blog
    Life is GOOD! :)
    {{ DiscussionBoard.errors[2652745].message }}
  • Profile picture of the author johnben1444
    I would advice talking to your hosting company, thou there might be little you can achieve but no harm.
    {{ DiscussionBoard.errors[2654184].message }}
  • Profile picture of the author rawservices
    Bummer to hear this man!

    I've been way to lax on not using ssh and sftp, I will be totally be using this from now on!
    {{ DiscussionBoard.errors[2654186].message }}
    • Profile picture of the author judith obrien
      I would try talking to the posting company,that is horrible to hear and is something i would not wish uppon my worse enemie.Very sorry to hear that.
      {{ DiscussionBoard.errors[2654388].message }}
  • Profile picture of the author DuaneZ
    What is the best way to back up all your data on sites? I have seen plugins that do this but I see there are a lot of experienced people here and was wondering if some of you would be able to tell us what you do for your back ups and how often you do them?

    Is there a way to do this through a network storage device that is home based?
    {{ DiscussionBoard.errors[2708848].message }}
    • Profile picture of the author lamasta
      Originally Posted by DuaneZ View Post

      What is the best way to back up all your data on sites? I have seen plugins that do this but I see there are a lot of experienced people here and was wondering if some of you would be able to tell us what you do for your back ups and how often you do them?

      Is there a way to do this through a network storage device that is home based?
      I have also lost entire websites previously but I now utilize a website backup and clone software namely; WP Twin for the best solution for Wordpress blog backups. You can back up your websites simply with a couple clicks to any storage device to include Amazon s3 for inexpensive online storage space.

      Also check with "Tamer" on the WorriorForm for a $17 dollar script that runs with WP Twin for an automatic backup script to ensure you will never experience your pain again! Ha
      Signature
      Looking for simplicity with building your Facebook Fanpages? Free Tool Here
      GET YOUR 'NINJA' TRAFFIC TOOLKIT HERE FOR FREE - Includes 'Keyword Blueprint' And 'Link Blueprint'
      Steve Clayton Products
      {{ DiscussionBoard.errors[3177199].message }}
  • Profile picture of the author Dwight Anthony
    Really sorry to hear that, i definitely would start by changing my password(s) pronto and I usually keep backups of all sites i put out there.
    {{ DiscussionBoard.errors[2709142].message }}
  • Profile picture of the author Sardent
    Former Midphase customer as well.
    Signature
    {{ DiscussionBoard.errors[2709193].message }}
  • Profile picture of the author un
    well this discussion scared me enough to go make some fresh backups...
    Signature
    {{ DiscussionBoard.errors[2709243].message }}
    • Profile picture of the author Will Compton
      That's sad to hear. I'd say HTML websites are just as vulnerable as WordPress sites, but if you do have a WordPress site take steps to secure it by changing file permissions like spearce000 said, and install backup and security plugins:
      WordPress Backup & Security Plugins

      WordPress Database Backup
      - This is essential for every WordPress install! WordPress database backup creates backups of your core WordPress tables as well as other tables of your choice in the same database.

      Secure WordPress
      - Secure your WordPress Installation with small functions.

      WordPress Firewall - This WordPress plugin investigates web requests with simple WordPress-specific heuristics to identify and stop most obvious attacks. There exist a few powerful generic modules that do this; but they're not always installed on web servers, and difficult to configure.

      Block Bad Queries (BBQ)
      -
      Many WordPress sites gets attacked with extremely malicious code, fortunately Jeff Starr wrote a simple script that checks for excessively long request strings (i.e., greater than 255 characters), as well as the presence of either eval( or base64 in the request URI.
      {{ DiscussionBoard.errors[2711841].message }}
      • Profile picture of the author traceface
        I thought my blog was secure until I read your advice for this post. I immediately put up the Firewall and Jeff Starr's plugin that looks for malicious strings. (I already had the other two you recommended).

        I feel lucky I haven't lost something before now!

        Thanks so much!

        Originally Posted by Will Compton View Post

        That's sad to hear. I'd say HTML websites are just as vulnerable as WordPress sites, but if you do have a WordPress site take steps to secure it by changing file permissions like spearce000 said, and install backup and security plugins:
        WordPress Backup & Security Plugins

        WordPress Database Backup[/URL] - This is essential for every WordPress install! WordPress database backup creates backups of your core WordPress tables as well as other tables of your choice in the same database.

        - Secure your WordPress Installation with small functions.

        This WordPress plugin investigates web requests with simple WordPress-specific heuristics to identify and stop most obvious attacks. There exist a few powerful generic modules that do this; but they're not always installed on web servers, and difficult to configure.
        -
        Many WordPress sites gets attacked with extremely malicious code, fortunately Jeff Starr wrote a simple script that checks for excessively long request strings (i.e., greater than 255 characters), as well as the presence of either eval( or base64 in the request URI.
        {{ DiscussionBoard.errors[3278010].message }}
  • Profile picture of the author F1SEO
    Yeesh that's bad.

    If you were in the UK I would say ... host with these guys -> cPanel Hosting, Domain Name Registration, Virtual and Dedicated Servers - Vidahost Fast UK Web Hosting

    Because:

    a) They have R1Soft Backup Software operating on all their servers and all their accounts. This means you can get EVERYTHING back should the worst ever happen.

    b) They're hot on security.

    c) They take care of everything and look after their servers. They don't oversell either. When a server is running at optimum number of websites they invest in new high end servers.

    But I guess you're US based?
    {{ DiscussionBoard.errors[2712174].message }}
    • Profile picture of the author mikeb1
      Originally Posted by F1SEO View Post

      Yeesh that's bad.

      If you were in the UK I would say ... host with these guys -> cPanel Hosting, Domain Name Registration, Virtual and Dedicated Servers - Vidahost Fast UK Web Hosting

      Because:

      a) They have R1Soft Backup Software operating on all their servers and all their accounts. This means you can get EVERYTHING back should the worst ever happen.

      b) They're hot on security.

      c) They take care of everything and look after their servers. They don't oversell either. When a server is running at optimum number of websites they invest in new high end servers.

      But I guess you're US based?
      No I live in the uk, just been hacked again, so will give this a look

      Thanks Mike
      Signature
      Affiliate links are not allowed.
      {{ DiscussionBoard.errors[3135595].message }}
      • Profile picture of the author zapseo
        Originally Posted by mikeb1 View Post

        No I live in the uk, just been hacked again, so will give this a look

        Thanks Mike
        Don't know what happened between the first and second time you were hacked.

        Of the sites I've been cleaning lately, many of them were actually broken into months ago -- last Aug, last Sept and even 1 that was broken into 18 mos ago.

        Many sites are hacked but don't contain a virulent infection -- just backdoors.

        If you need some help feel free to contact me via pm.

        Testimonials available from the link in my sig (Warriors-For-Hire thread.)

        Live JoyFully!

        Judy
        {{ DiscussionBoard.errors[3136034].message }}
      • Profile picture of the author JMSD
        Originally Posted by mikeb1 View Post

        No I live in the uk, just been hacked again, so will give this a look

        Thanks Mike
        Who were/are you hosting with when your sites were hacked into?

        I hope you resolve the problem.
        {{ DiscussionBoard.errors[3137659].message }}
        • Profile picture of the author nssp
          It is disappointing that hackers trying to get benefit on someone else work.. did u get that problem sorted??
          {{ DiscussionBoard.errors[3137683].message }}
      • Profile picture of the author turbot
        I also use Vidahost - who I can say, unequivocally, are the best hosting company I've ever experienced.
        {{ DiscussionBoard.errors[3347005].message }}
  • Profile picture of the author Bildeberg
    If you use Joomla for your sites, I can highly recommend the free, open source extension Akeeba Backup. It really makes backing up joomla sites (files and databases) and restoring them a breeze. Still looking for an equally good plugin for Wordpress.
    {{ DiscussionBoard.errors[2735879].message }}
  • Profile picture of the author Robert Colle
    Oh really sorry man. I must say I never really bordered with backing up my sites and all that security stuff because I always thought why would a hacker go after my little and good looking or average looking sites rather the big fine and marvelous looking sites.
    But after reading this I think I have start to think twice and will do a full day to day back up so that I don't get to come here and announce to you guys my own bad news.
    {{ DiscussionBoard.errors[3135705].message }}
  • Profile picture of the author Gary King
    So Mike,

    Did your hosting company help? I'm hoping you've gotten things sorted out and are taking your own backups in addition to whatever they are doing?

    It's easy after a recovery to say, ok, I gotta start doing backups and then life steps in and you don't get to it.

    If the hosting company can't help with any kind of backup to restore for you, you may consider seeing if you can scrape some of your own content from archive.org.

    Go here:
    Internet Archive: Digital Library of Free Books, Movies, Music & Wayback Machine

    (not an affiliate link of any kind)

    Enter your web site address in the box that says "Way Back Machine".

    They are basically an indexer - kinda like a search engine, but they keep copies of sites as they change. The last date displayed for a site is the one to click... you could view the source, copy it off and re-create the html anyway... if graphics are shown, you can right-click and save them.

    If it was a wordpress or other cms install, it may not help as much, but you could perhaps copy/paste the text from the posts at least.

    Hope it helps.

    Gary
    Signature

    ===========================
    OFFLINERS! Warning: Unless You Know These Pricing Secrets, You are Leaving THOUSANDS on the Table. Get Your Free Report Now.
    {{ DiscussionBoard.errors[3137895].message }}
  • Profile picture of the author Dwight Anthony
    Man, what a kick in the n*ts. I always keep a local backup of every site I upload. Sounds good that you have your content, but even then it's not a walk but better than nothing. I recommend an easy plugin for WP if they are WP sites like Backup Buddy and the new Wp Twin. Makes complete backups and restores of WP site flawless.


    Originally Posted by mikeb1 View Post

    Hi All

    I would appreciate any help, I have had everyone of my websites hacked, 18 months of toil and around 100 websites all gone, and from what Ive been reading on yahoo answers etc, there is not a darn thing I can do about it.
    Any help much appreciated.

    Best Mike.
    {{ DiscussionBoard.errors[3177717].message }}
    • Profile picture of the author stevex
      That sucks big time man. I had a couple of my forums hacked off my websites but that was about it. Maybe there is some kind of legal action you can take?
      {{ DiscussionBoard.errors[3257115].message }}
  • Profile picture of the author WarriorGal
    I didn't realize hacking could be a problem. I'll definitely keep backups from now on. I feel for you Mike. Thank you for sharing and seeking advice here. I think it's made a few of us think twice about something we hadn't thought about at all.

    Linda
    {{ DiscussionBoard.errors[3177794].message }}
  • Profile picture of the author Helen Mortensen
    Hello

    I just hate all these criminals destroying the internet and our hard work.
    This is what just happened to our WP-site...hosted at HG for years.

    We recently decided to scan our website, and we realized, that the WP-template we used, had malicious virus planted there, even before we downloaded it ...so I deleted it... and yes, we did have backups. (this was our research-work for passed 3 yrs, with hardly any traffic)

    We decided to move the domain and start fresh with a host closer to home, Sweden, and this is when my domain gets hijacked, when unlocking it for transfer to the new webhotel.

    Transfer failed and I had to annulate the order completely and it is now parked and locked at the registrar. (and Yes it is paid for)

    When googling my domain-name: biochromalab.com it is redirected to an obscure site.

    I looked them up...and they specialize in hijacking domains... they are the infamous "searchdiscovered.com" hosted at ztomy.com.

    They operate under several names, and they have stolen sites and domains since 2007. How to report them?

    I want my domain back!! But don't know how or where to turn.
    Please, does anyone know what I can do?
    Signature

    As above - So below Hermes Trismegistos

    {{ DiscussionBoard.errors[3256347].message }}
    • Profile picture of the author Brian Alaway
      Originally Posted by Helen Mortensen View Post

      Hello

      I just hate all these criminals destroying the internet and our hard work.
      This is what just happened to our WP-site...hosted at HG for years.

      We recently decided to scan our website, and we realized, that the WP-template we used, had malicious virus planted there, even before we downloaded it ...so I deleted it... and yes, we did have backups. (this was our research-work for passed 3 yrs, with hardly any traffic)

      We decided to move the domain and start fresh with a host closer to home, Sweden, and this is when my domain gets hijacked, when unlocking it for transfer to the new webhotel.

      Transfer failed and I had to annulate the order completely and it is now parked and locked at the registrar. (and Yes it is paid for)

      When googling my domain-name: biochromalab.com it is redirected to an obscure site.

      I looked them up...and they specialize in hijacking domains... they are the infamous "searchdiscovered.com" hosted at ztomy.com.

      They operate under several names, and they have stolen sites and domains since 2007. How to report them?

      I want my domain back!! But don't know how or where to turn.
      Please, does anyone know what I can do?
      This post is dated but still worth reading if you haven't already. May help?
      Collective effort restores David Airey.com | David Airey, graphic designer
      {{ DiscussionBoard.errors[3260102].message }}
  • Profile picture of the author satrap
    Email your host and ask them if they have a backup, if yes, ask them to restore your files.

    I had uninstalled wp on my blog accidentally once and didn't have backups. Someone here suggested I ask my host (host monster) I did and they restored everything the next day, though i lost only a few posts whcih was no big deal.

    After that, I realized the importance of backups, now I have automatic backups weekly sent to my email.

    I really hope you get your sites back. It must be a horrible feeling. I am really sorry.
    Signature
    60 Awesome Ways to Make Money Without a Job
    .................................
    Check out my blog Survey Satrap featuring honest reviews of paid survey sites.
    {{ DiscussionBoard.errors[3256693].message }}
  • Profile picture of the author Helen Mortensen
    Thanks for your reply,

    Yes, hopefully there are legal actions to take ...but where?

    It is outrageous that those criminals at ztomy.com aren't black-listed, taken to court and sentenced. They have ruined so many ppl.

    As for the site at HG, I simply deleted it, and cancelled the hosting of it, as the WPtemplate was too contaminated and I want to start with a "clean sheet".

    And I got another domain ext. as well. But I still want my .com back! (it is now locked and parked).

    Today, when googling biochromalab.com I did land on the proper registrar site.

    How can I check the domain text-code... to find and eliminate hacked strings inserted there, since clicking on domain-link at the registrars landing site does not allow me to edit in the said text-code.

    Is there a solution to make it editable?
    Or is there a way to scan your domain-name?
    I am not a wizard in this problematic field and I am greatful for help!

    Thanks in advance
    Helen
    Signature

    As above - So below Hermes Trismegistos

    {{ DiscussionBoard.errors[3259419].message }}
  • Profile picture of the author Giani
    Damn. I should take backup of my websites and blogs too....soon.
    Signature

    {{ DiscussionBoard.errors[3259560].message }}
  • Profile picture of the author Shane Hale
    Yeah most hosts will back your site up for a small fee. I run my back ups for all my hosting clients Mon Wed Fri. Sounds like you need to change your host.

    If you are on a shared account they should be protecting some of your stuff from getting hacked. Change your passwords and check your scripts for any permissions problems. Also update all of you scripts like Wordpress and the plugins as well.

    Peace
    Shane
    {{ DiscussionBoard.errors[3259606].message }}
    • Profile picture of the author W.P. Allen
      That's sad to hear. I'd say HTML websites are just as vulnerable as WordPress sites, but if you do have a WordPress site take steps to secure it by changing file permissions like spearce000 said, and install backup and security plugins:
      WordPress Backup & Security Plugins

      WordPress Database Backup - This is essential for every WordPress install! WordPress database backup creates backups of your core WordPress tables as well as other tables of your choice in the same database.

      Secure WordPress - Secure your WordPress Installation with small functions.

      WordPress Firewall - This WordPress plugin investigates web requests with simple WordPress-specific heuristics to identify and stop most obvious attacks. There exist a few powerful generic modules that do this; but they're not always installed on web servers, and difficult to configure.

      Block Bad Queries (BBQ) - Many WordPress sites gets attacked with extremely malicious code, fortunately Jeff Starr wrote a simple script that checks for excessively long request strings (i.e., greater than 255 characters), as well as the presence of either eval( or base64 in the request URI.
      Thanks for these. Just put them up.
      {{ DiscussionBoard.errors[3259964].message }}
  • Find a hosting company that takes backups and security seriously!
    As an online marketer myself, I know how important backups are and how quickly an entire server can be wiped out.

    That's why our servers have a super high data protection setup.
    Not only are our servers protected with CDP, but take full advantage of a raid-10 disk configuration.
    Signature
    {{ DiscussionBoard.errors[3260027].message }}
  • Profile picture of the author Helen Mortensen
    We are now at our new host, starting fresh!

    I will take the advices in previous posts and install all the security measures mentioned. (Host makes daily backups too)

    Thanks a lot, all of you, for excellent advice!

    This forum is the best there is.
    I am glad to be a member of such a splendid community.
    Signature

    As above - So below Hermes Trismegistos

    {{ DiscussionBoard.errors[3277855].message }}
  • Profile picture of the author davewebsmith
    Most of the issues can be overcome very easily.

    1) make sure you password is secure. try https://www.grc.com/password.htm for strings

    2) make sure your software is backed up. You can schedule a backup in CPanel to a folder for

    ex. http://www(.)mydomain(.)/random252350-rtgt34t/

    and you can then download your completed backups from this folder.

    3) Make sure your softwae is upto date. Eg) Most defaces are exploits that are discovered and fixed with updates that stay vulnerable because no updates are done

    wordpress is well known for defaces as most people dont know updates are needed. Just like anti virus needs to be updated and recent - so do your web based scripts

    4) Limit the number of AddOns you use on one domain - and if that is your choice make sure the root (primary domian) has a 24 character password.

    Eg) On an unlimited domain account like all hosters supply the root is breached the entire estate is vulnerable.

    Options include a hosting package that offers WHM so you can create seperate container accounts to limit security threats

    5) Run Anti virus / Malware software to limit vulerablilty to keyloggers and other trojans that can steal data

    6) Update your browsers to ensure vulnerabilities are closed

    DaveWebSmith
    Signature
    watch this space ...
    {{ DiscussionBoard.errors[3347290].message }}
  • Profile picture of the author sarahberra
    Oh my! I'm so sorry. What hosting company were you using. I have all of these security plugins set up with wordpress. I don't know how on earth people can actually hack into a website, but they do.
    {{ DiscussionBoard.errors[3347365].message }}
  • Profile picture of the author davewebsmith
    Google - SQL Injection as an example

    Like the "Jaibreak" on Iphone - so Apple release the update so the hackers find the vulnerabilities and so on ...

    Wordpress is open source. That means anyone can access the code. You add plugins - who wrote them - do they create new vulnerabilities / Yes / No

    Its a game of cat and mouse ... keep your wordpress updated (you can do this in the admin area and backups and you will be fine.

    DaveWebSmith
    Signature
    watch this space ...
    {{ DiscussionBoard.errors[3347386].message }}
  • Profile picture of the author Helen Mortensen
    Just a short update-message,
    My domain .com is now redirected to our new site.
    The old one was spread like a virus to all sorts of sites not belonging to us.

    We skipped WP and made a Joomla site and it is now so "heavily garded", we almost can't get in ourselves, lol.

    Correction: in one of my previous post, I meant start from a "clean slate" not a clean sheet, (I asume we all have that) well, well, we foreigners might be excused... you never know what we come up with, lol.
    Signature

    As above - So below Hermes Trismegistos

    {{ DiscussionBoard.errors[3377190].message }}
    • Profile picture of the author Manoj V
      I have domains registered with GoDaddy and Namecheap. I was using Justhost for hosting for a year but renewed with Hostgator last month. Most of them were just domains and I had not started building sites on them yet. A few of them were sites but I do not have a backup.

      When I checked today I saw that most of my domains are getting forwarded to searchdiscover.com and showing some kind of parked site. I did read through this thread but I will be grateful if someone could tell me what I exactly should do next. Most of them were just domains. All are registered in my name so have I lost the domains or just the sites for the few that were built.
      {{ DiscussionBoard.errors[5396134].message }}
  • Profile picture of the author SinSimon
    Contact your hosting providers, they will be able to help you.
    {{ DiscussionBoard.errors[5396158].message }}
  • Profile picture of the author rvrabel2002
    Has anyone ever heard of, or used, sitelock? I have the option of getting it on my account at hostgator, but I am unsure if I even need it.
    Signature

    {{ DiscussionBoard.errors[5396298].message }}
  • Profile picture of the author Manoj V
    I did contact Hostgator and they said that Namecheap and GoDaddy are using my domains as ad space. Seems it's all ok, nothing wrong there.
    {{ DiscussionBoard.errors[5396463].message }}
  • Profile picture of the author Les Blythe
    Thanks for the reminder guys - making a complete backup NOW!
    Signature
    Download my FREE eBook now!
    {{ DiscussionBoard.errors[5396464].message }}
  • Profile picture of the author Osman_M
    Backup everything and anything. If its wordpress sites, its very easy.
    {{ DiscussionBoard.errors[5397271].message }}
  • Profile picture of the author Randall Magwood
    What did your web hosting provider have to say about it? Did you contact them for support?
    {{ DiscussionBoard.errors[5397503].message }}
  • Profile picture of the author arranrice
    Contact your host.. or is it to late?
    {{ DiscussionBoard.errors[5397528].message }}

Trending Topics