Is my hosting secure?

Posted on 2006-05-13
Last Modified: 2010-03-04
For some strange reason on all 8 domain I have hosted with a web hosting company ( someone or something has added this code to the bottom of the index file:

function Decode(){var temp="",i,c=0,out="";var

I certainly didn't do that and have no idea what the code does. Does that mean my account has been hacked?

Please advise as to what I can do to prevent this / fix this probem.  Obviously, I have removed the code, but want to know where it came from, how it got there, how to prevent it from coming back and most importantly, if my server has been compromised.

Question by:WF_Whistler
    LVL 10

    Accepted Solution

    What this javascript does is add the following HTML to the page:

       <iframe src= width=1 height=1></iframe>

    A quick google search shows a similar complaint, and a suggestion that security breach might not be individual account, but breach of host company security.

    I can't really tell you how it got there though.

    LVL 2

    Assisted Solution

    WF, yeah that's definitely a security breach.

    I work for one of the oldest hsoting companies in the world and there is NO reason to alter every file esp with that.   Now if it was free hosting and they were adding ads then that is one thing but I assume this is paid.

    That is definitely a hack.  I am surprised that you did not ask your hosting company this question though, are they not answering you or something.

    But quick answer from someone who knows, there is NO reason to add any code to a file like that.

    Author Comment

    I've asked them about it and they of course said they know nothing about it.  Not sure if my account was hacked or the entire server (it's shared).  I've changed all my passwords and will keep an eye on it to make sure it doesn't happen again.

    Author Comment

    How do I split the points between you two for both helping out?

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Suggested Solutions

    Title # Comments Views Activity
    Jmeter how do I get the right number for load? 4 70
    .htaccess 6 51
    maven set up 2 84
    .htaccess rewrite url with querystring problem 13 62
    As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
    If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Hi everyone! This is Experts Exchange customer support.  This quick video will show you how to change your primary email address.  If you have any questions, then please Write a Comment below!

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now