6 {{ upvoteCount | shortNum }}
6 {{ upvoteCount | shortNum }}

bertali

by monere
6 replies
Hi,

I see an URL in my tracking (I use histats for tracking) report that goes like this:

http://www.mydomainname.com/~bertali/wp-admin/js/source/1155507930/axs/indexx.php (I replaced my actual domain's name with "mydomainname" but everything that follows after .com is accurate)

I pasted this URL in the browser and I got a "reported web forgery" warning (the one with red screen), and I'm afraid this might be a virus or something bad anyway. Yet, my website loads and functions well for now.

So, does anybody know what this "~bertali" thing is, and if I should worry about it or not? Also, I tried locating it in my hosting account via FTP but I couldn't.
#bertali
  • Profile picture of the author PeachCoding
    Sounds like you're on cPanel hosting. As the "/~bertali/" part of the url is a standard cPanel way of loading your website before you point the domain to the account. So "bertali" is the username of either your account or another account on the same server as your hosting account.

    As to the "reported web forgery" error, that could be a number of things. Now I have cleaned many WP infections for clients in the past and the filename at the end of your URL indexx.php is too familiar and leads me to the conclusion that your WP website has been infected with a spamming bot.

    I would recommend contacting your hosting company to confirm, but I will let you know ahead of time that once they confirm the site is infected they will more than likely disable http access to your account until you get that infection cleaned.

    Cleaning an infected WP is not horribly hard but it does take an above average experience level on WP management.
    Signature

    Services offered: PSD to Wordpress, Joomla, Drupal Templates or Full Site, Custom PHP or C# Programming, Fix problems on any software, and more.

    You will get 25% OFF all services by mentioning the Warrior Forum. PM me here or email me to ivanphp404@gmail.com if interested and/or if you have questions.

    {{ DiscussionBoard.errors[10484131].message }}
    • Profile picture of the author monere
      Well, thanks. This confirms that it's something bad with my website, even if it's not apparent.

      Also, yeah I'm on cpanel. And also (and since you brought this up), yeah I do remember having another website hacked a month, or two ago, and contacting my hosting's support they said something along the lines "next time when we catch you with a website hacked we suspend your account". Not sure if these were the exact words, but I remember how infuriated I was for getting the blame for something I wasn't guilty of. That's when I decided I wanted to change my hosting provider.

      But anyway, I digress... the point is that I need to get this fixed ASAP, even though I have no idea how ... Guess I'll google it.

      Thanks a lot for the clarification!

      Originally Posted by PeachCoding View Post

      Sounds like you're on cPanel hosting. As the "/~bertali/" part of the url is a standard cPanel way of loading your website before you point the domain to the account. So "bertali" is the username of either your account or another account on the same server as your hosting account.

      As to the "reported web forgery" error, that could be a number of things. Now I have cleaned many WP infections for clients in the past and the filename at the end of your URL indexx.php is too familiar and leads me to the conclusion that your WP website has been infected with a spamming bot.

      I would recommend contacting your hosting company to confirm, but I will let you know ahead of time that once they confirm the site is infected they will more than likely disable http access to your account until you get that infection cleaned.

      Cleaning an infected WP is not horribly hard but it does take an above average experience level on WP management.
      Signature

      Try not to become a man of success but rather to become a man of value - Albert Einstein

      {{ DiscussionBoard.errors[10484211].message }}
      • Profile picture of the author Joe Ray
        Originally Posted by monere View Post

        I do remember having another website hacked a month, or two ago, and contacting my hosting's support they said something along the lines "next time when we catch you with a website hacked we suspend your account". Not sure if these were the exact words, but I remember how infuriated I was for getting the blame for something I wasn't guilty of. That's when I decided I wanted to change my hosting provider.
        I know this must be a frustrating experience. You said: "I was for getting the blame for something I wasn't guilty of." Just for future reference, in many ways, it is your responsibility to protect your site from being hacked. It's not just the hosting provider.

        In the future, after you cleaned up this situation, you should take some steps to learn how to protect your site. The webmaster is responsible for the security of the website and in many cases legally and financially liable.
        Signature

        {{ DiscussionBoard.errors[10484722].message }}
        • Profile picture of the author monere
          Originally Posted by Joe Ray View Post

          I know this must be a frustrating experience. You said: "I was for getting the blame for something I wasn't guilty of." Just for future reference, in many ways, it is your responsibility to protect your site from being hacked. It's not just the hosting provider.

          In the future, after you cleaned up this situation, you should take some steps to learn how to protect your site. The webmaster is responsible for the security of the website and in many cases legally and financially liable.
          Not really! If I do everything by the book and protect my website with all of the available options available it is still possible that one guy/gal has too much time on their hands and are mean enough to want to bring the site down. At which point is not my fault anymore since I did use everything at my disposal to protect my site. Of course, it might not be the provider's fault either, but at least have the decency (them, not you ) not to blame me. Now, I must admit that the website that got hacked was the main domain I registered with this company when I created an account with them years ago, and since then I haven't done anything with this domain, except putting WP on it and letting it be. So, I didn't update WP, or the plugins, or whatever and probably that's how retards hacked it, so yeah I agree that, to some extent, it was my fault (I didn't know that one of the security measures is to have everything up to date until I got the website hacked). But, how can I be blamed for something I wasn't aware of? That's stupid, and it's exactly the point I was trying to make.

          Anyway... what also bothered me was their blaming on me, as well as the fact that they dragged the restore of the website for 8-9 days, at which point I got tired of waiting for their support, and I simply de-installed WP (and the DB associated with it). There! Problem solved! It was such a quick fix, but they were incompetent in doing this little thing (I even told them that they should do it, but then they said that they can't because.... the backups are hacked too).

          And that's when I started looking for another company. For now, I'm still with them because I can't afford a new hosting provider, and given that I have over 30 domains hosted with them (most of which are active), so it would be too much hassle to transfer 30 domains to a new company.
          Signature

          Try not to become a man of success but rather to become a man of value - Albert Einstein

          {{ DiscussionBoard.errors[10485204].message }}
          • Profile picture of the author KirkMcD
            Originally Posted by monere View Post

            and given that I have over 30 domains hosted with them (most of which are active), so it would be too much hassle to transfer 30 domains to a new company.
            It's simple. You just ask the new host to do it for you.
            {{ DiscussionBoard.errors[10486189].message }}
            • Profile picture of the author monere
              Originally Posted by KirkMcD View Post

              It's simple. You just ask the new host to do it for you.
              I thought about that ... Still, I can't afford a new host for now because most good hosts ask for 12-24 months worth of payment upfront, where you also add the VAT tax (which in Europe is around 20%). This means at least $100 money down payment, which I simply don't have right now. Yeah, I know that I have 30 sites running, but the income from 90% of these websites is... ZERO.
              Signature

              Try not to become a man of success but rather to become a man of value - Albert Einstein

              {{ DiscussionBoard.errors[10486199].message }}

Trending Topics