Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
PROBLEM Site hacked & redirecting to porn - root files only
#1
Site has been hacked with updates to .htaccess and addition of mailicious php files including exploiting-blazers.php - all inn the root.  Host is godaddy shared hosting account.

Site corrected and back up now, but want to spread the word and ask if others have the same problem?

I need to study everything available on securing the GS site, as I was confident the site was already secure.  Your suggestions please?

.htaccess file was redirecting site only from search results as follows:

RewriteCond %{ENV:REDIRECT_STATUS} 200

RewriteRule ^ - [L]
RewriteCond %{HTTP_USER_AGENT} (google|yahoo|msn|aol|bing) [OR]
RewriteCond %{HTTP_REFERER} (google|yahoo|msn|aol|bing)
RewriteRule ^(.*)$ exploiting-blazers.php?$1 [L]

Working theory now is that godaddy shared hosting server was hacked and site folders crawled and code added to rot. Is this plausible?

Many thanks
Reply
#2
(2016-04-14, 05:46:43)DonR Wrote: Site has been hacked with updates to .htaccess and addition of mailicious php files including exploiting-blazers.php - all inn the root.  Host is godaddy shared hosting account.
...

Working theory now is that godaddy shared hosting server was hacked and site folders crawled and code added to rot. Is this plausible?

About a month ago, another user reported a simular problem -see the thread at
http://get-simple.info/forums/showthread.php?tid=8098
Thanks,
jwzumwalt
(\__/)
(='.'=)
(")_(")
Reply
#3
Yeah these are usually shared host issues, unless you have something that allows front end uploads and it was exploited.
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply




Users browsing this thread: 2 Guest(s)