Warrior Forum - The #1 Digital Marketing Forum & Marketplace

Warrior Forum - The #1 Digital Marketing Forum & Marketplace (https://www.warriorforum.com/)
-   Plug-In Profit Site Support Forum (https://www.warriorforum.com/plug-profit-site-support-forum/)
-   -   They Said, My Site Was Hacked By Them. How True This Claim Is?? (https://www.warriorforum.com/plug-profit-site-support-forum/578665-they-said-my-site-hacked-them-how-true-claim.html)

GomerMagtibay 11th April 2012 05:13 PM

They Said, My Site Was Hacked By Them. How True This Claim Is??
 
I recently went to Google and typed in my website's domain name pipsbygom.com. I was shocked to see this on the 4th of the search results:

www.pipsbygom.com hacked by FLoOoD HacKeR

www.zone-h.org/mirror/id/15862342 - Translate this page

23 Nov 2011 – www.pipsbygom.com hacked by FLoOoD HacKeR.


Although this is no longer a big deal to me, look at the date, it's way past behind, November 23 of 2011, and I have already changed my WP login username and password, and also I'm already planning to change my domain name to a more SEO-friendly one (this domain name pipsbygom.com will no longer be used), and have my current website reset to its original setup (default), but I still wonder how true this claim is.

Any insight or advice on this?

Stephen Meyer 12th April 2012 09:14 AM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
I had a similar hack and it wasn't a big deal. They put a code in that Google sees nd it gives them bragging rights, my guess anyway. It's been so long I don't remember if or how I fixed it.

When you get a new domain don't use Fantastico to install WP. Fantastico installs all use common factors that hackers can identify quickly. Install by uploading thd files.

Wordpress users should understand its not a matter of "if" they will get hacked its a matter of "when". unique installs make it a little harder.

Patrician 12th April 2012 11:15 AM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
I had to deal with hundreds of sites that were DEFACED by the same hack Gomer cites.

It was really a bad one. The malware was in index.php and even when cleaned it corrupted the formats (removed footers etc) and now another element which is 'cached' back links (I guess you would call it).

I know there was a post here once about how to remove links from Google and I wish somebody would come here and post it so you can get rid of that. Maybe you could Google it yourself and post it here Gomer.

GomerMagtibay 12th April 2012 04:07 PM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
So, you mean this is true, they really hacked my site last November of 2011. I recall I got some problems with my footer then. It disappeared. Also, I recall, I got a problem logging in and requested for a password reset. So, it's true. I can't believe it happened to me. When I saw that in Google yesterday, I thought it's just a joke or someone is just trying to grab my attention and just leading me to visit their ugly page where they brag they have successfully hacked my site, and if visit the page, a spyware will be inserted to my computer...

GomerMagtibay 12th April 2012 04:13 PM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
Quote:

Originally Posted by Patrician (Post 6030257)

I know there was a post here once about how to remove links from Google and I wish somebody would come here and post it so you can get rid of that. Maybe you could Google it yourself and post it here Gomer.

Okay. I'll try search for that, and if I find it, I'll post/share it here. Thanks Pat. :)

Jeffery 12th April 2012 05:21 PM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
Gomer,

Can you look to see if this page is on your server:
I see it is a "live" link on your server when I surf to it, but there is hidden code elsewhere on your site that is hiding it from scanners.

Look via FTP or your Cpanel Comtrol Panel. If it is on your server, it is a backdoor. I suggest that you delete it and do not transfer anything from the domain to your new domain - even articles.

Jeffery 100% :-)

Jeffery 12th April 2012 05:24 PM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
Quote:

Originally Posted by Patrician (Post 6030257)
I had to deal with hundreds of sites that were DEFACED by the same hack Gomer cites.

It was really a bad one. The malware was in index.php and even when cleaned it corrupted the formats (removed footers etc) and now another element which is 'cached' back links (I guess you would call it).

I know there was a post here once about how to remove links from Google and I wish somebody would come here and post it so you can get rid of that. Maybe you could Google it yourself and post it here Gomer.

It s is done via GWT, Google Webmaster Tools. Can't remember the steps, but its all there.

Jeffery 100% :-)

Patrician 12th April 2012 06:36 PM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
oh Jeffery what would I do without you some days.

Yes that is the hacked file they injected. I can remove it if I can get into the cpanel.

http://www.pipsbygom.com/indexx.html

It is not a cached link - that was what I thought we were talking about.

ok - Gomer let me have a few minutes.

OK I NUKED IT FROM WHM.

Sorry Gomer I guess I didn't realize what you were saying.

Please contact me at the helpdesk so I can now give you your footer and header back.

(I need Wordpress username and password)

GomerMagtibay 13th April 2012 04:53 AM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
@Pat: It's okay. I'll be registering a new domain name by Monday and will request for a brand new website from you. I have done this many times in the past, and you may be wondering why do it again? Why change domain names and reset website so often?

Well, plans change. Mistakes happen. And I have also learned new things about SEO this past few weeks. I became a student again. I was active in other threads here trying to learn everything I can about domain names and SEO. I have spent the last few days thinking of a new domain name to register, one that contain keywords that I will also use in my anchor links, and also one that contain my nickname attached to it for personal branding.

I will just discard my current website at pipsbygom.com (the one that was hacked) and will just use its URL forwarding feature, to be pointed to the new domain name. It's okay for me to just discard the website again, because it still lacks content and backlinks. I will just consider the old one as a learning experience, and will just make up (be more serious) with the next one.

This time, I will be more extra careful with regard to my site's security. I remember one topic here about the importance of changing the login username from "admin" to a username of your choice, and making passwords harder to guess. Plus, regular checking in the cpanel for some unwanted changes and alterations.

goleza 13th April 2012 10:47 AM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
"It's not a question of IF they will hack into your website, it's a question of WHEN."

This is so scaring. It presumes that all websites have to be hacked into at one time. It's so worrying. Any preventive measures to stop hackers? Can someone share with us?

Patrician 13th April 2012 11:16 AM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
Quote:

Originally Posted by GomerMagtibay (Post 6035336)
@Pat: It's okay. I'll be registering a new domain name by Monday and will request for a brand new website from you. I have done this many times in the past, and you may be wondering why do it again? Why change domain names and reset website so often?

I will just discard my current website at pipsbygom.com (the one that was hacked) and will just use its URL forwarding feature, to be pointed to the new domain name. It's okay for me to just discard the website again, because it still lacks content and backlinks. I will just consider the old one as a learning experience, and will just make up (be more serious) with the next one.

This time, I will be more extra careful with regard to my site's security. I remember one topic here about the importance of changing the login username from "admin" to a username of your choice, and making passwords harder to guess. Plus, regular checking in the cpanel for some unwanted changes and alterations.

Gomer - It's up to you - to be honest though the small 'points' for keywords in the domain name are LESS than the value of the momentum you have built with your domain name over time. You will lose all the back links, etc. for the old name.

And content? You do have lots of content. To give you a brand new theme on the same domain you will retain all of your blog posts automatically. To start over with a new domain name you will need to back up your files in Wordpress tools and then upload them to the new domain after I install the brand new site and theme there.

Some people say oh that's ok I have copies of all my articles. Yes, but they will have a new date - so again you are losing momentum on the age of the posts - (and domain name age also counts).

... but again - we are here to make you happy so just let me know @ the helpdesk all your information whenever you are ready to do it either way.

btw - I am sorry about the hack - it was a terrible time for me - with hours and hours of running around cleaning it up and fighting with the host people to help me.

We did send emails to people but the majority noticed it when their site was defaced and contacted me - so I worked from both sides. Many people never responded either way. Yours was one that was cleaned by the host in a group, but since you never contacted me about the footers being gone (which was the only 'symptom' of the malware having ever been there after it was cleaned) I never knew yours was one that still had that ugly file.

This was my first first-hand experience with something like this and now I see how really evil hackers are and how much damage they can do. It's no joke a bunch of teenagers playing around - well they may be teenagers but they are the demon seed!

Patrician 13th April 2012 11:34 AM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
Quote:

Originally Posted by goleza (Post 6037436)
"It's not a question of IF they will hack into your website, it's a question of WHEN."

This is so scaring. It presumes that all websites have to be hacked into at one time. It's so worrying. Any preventive measures to stop hackers? Can someone share with us?

HI Goleza - pretty much what Gomer says and that I have said many times are things you can do to keep your site safe(r) but just remember nothing is bullet-proof.

Don't worry excessively except to keep making back ups frequently IN CASE something happens so you can recover.

It starts with having a good reliable, up to the minute version of anti-virus software - if possible to include a software firewall and a real-time shield. It is amazing to me how many people will not spend even a penny for this and it is the real backbone of any security.

However there are some free ones that you can use that are reliable like AVAST, MalwareBytes, etc.* ALWAYS try to download directly from the source - not just some site that advertises they have free AVAST or whatever - and this is true of any downloads. Scan the file if possible before you install it -

(of course never open email attachments unless you know who they come from - and even then you can catch worms from people who don't even know they have them or whose email address has been hacked and being used by a miscreaent.)

The next thing is the password for your cpanel and Wordpress - we generate really gnarly looking passwords harder to crack for example

#pZtb8&(]?cXc%

Come back a week later and they are changed to 'Bill1967' -

Never use real words or easy dates like Bill or 1967
Use a COMBINATION
- Both UPPER and lower-case letters
- Ramdom Numbers
- Special Characters like $%^&*()-+=~!@<>?;:'"
- At least 9 digits/characters

They should be changed frequently - every few months and ALWAYS if you let anyone know the password to do work for you, change it immediately after they are done working. Even your best, most trusted friend - what if they are hacked????

Don't use 'Admin' or 'admin' for your Wordpress username. I am now setting up the persons first name as a username instead of admin since I learned about this.

Check your site frequently just to see how it looks - if you have seen the defacement that for example this hack caused you will see it is real obvious.

But there are other things they do that are not so obvious - like inject one little link you might not recognize at first - this can be a phishing link -

Keep your Wordpress and plugin VERSION UP TO DATE - if you see there is an update -JUST DO IT. takes a few clicks and a few seconds

BACK UP BACK UP AND THEN BACK UP YOUR SITE WHILE IT IS STILL CLEAN. IN CASE

If not you may have no choice but to start over from scratch with a new site and new content if a really malevolent group gets a hold of your site.

But don't worry inordinately either -- I have had websites for 8 years and never hacked. knock on wood.

* for extra security a router on your PC provides a hardware firewall because really really horrible hacking - much worse than defacement like we had can happen when some devil detects and uses your open, unused ports on your PC to come and live there - they can send spam and send worms etc to other systems and it looks like it is coming from you. Computers infected in this way are called 'zombies'. You never even know it is happening. To find those you need an anti-virus that includes a 'root kit buster'.

Sleep tight tonight! LOL.

p.s. I am now installing spam blocker plugins on all new Wordpress sites - if you don't have one, get one free from Wordpress. Just go to 'plugins' and at the top click 'add new'. search for 'spam free wordpreess' - a list comes up - Click 'install' and then click 'activate' -- the ones I use are the 5 stars or 4.5 - MP Spam Be Gone, Spam Free Wordpress and Spam IP Blocker. This will cut down on the possibility of any phishing links in your comments.

Be sure to set your comments to 'moderate' them - don't approve anything unless the link is from a site related to your niche - I used to say and unless they speak directly to your article they are commenting on - but the devils are clever now and they make it sound so sincere - 'we loved your article' -etc. You can pretty much tell especially if you have several comments with the same name or link. Then after you have the plugin installed you won't get much like that...

Stephen Meyer 13th April 2012 03:27 PM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
I use this site for both user names and passwords. It gives much greater protection than the normal user created login information. Strong Password Creator - Free Online Password Generator!

I use it to make user names but do not use the "symbols". 7 characters is all thats usually needed. Most people use "Admin" or something familiar but it's to easy to figure out.

For the password I use all choices and 11 characters usually.

Allen Lundy 21st April 2012 11:49 PM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
This may sound weird, but, inside cPanel under the "Domains" section is where you would do "Addon domains". If you click that, on the next page is a password generator.

When ever I need a crazy password, one that I KNOW isn't going to be easy to hack, I just click the "Password Generator" button and it provides me with a password that looks like this: m?6ZNA%9{%v_

So, that's how I come up with my passwords... of course I have an excel spreadsheet with all my passwords for each of my sites, believe me, there's NO WAY I'd remember my passwords for all my sites and memberships... Ü

Just a quick tip in case you have a problem coming up with a password that you want to use for your own sites.

Allen

GomerMagtibay 22nd April 2012 05:09 AM

Re: They Said, My Site Was Hacked By Them. How True This Claim Is??
 
Thanks for that, Allen. Is that inside GVO? Is your site already hosted by GVO?

I am also thinking of keeping a record of all my usernames and passwords in paper, like in a small notebook, and not in my PC. I used to save my passwords using notepad in a folder, and can be easily accessed through my desktop. Not anymore...


All times are GMT -6. The time now is 09:47 PM.