Solved

Virus on website

Posted on 2010-11-21
10
339 Views
Last Modified: 2012-05-10
My website shows
Reported Attack Page!
Linux server
PHP and html files

What do I do now ?
Plz advice
0
Comment
Question by:whspider
  • 2
  • 2
  • 2
  • +3
10 Comments
 
LVL 2

Accepted Solution

by:
soulreaver1 earned 250 total points
ID: 34183327
Some virus scanners analising php/html code to find possible viruses/danger code. Usually there isn't any virus, however somtimes some files on your site could be infected, example: http://www.prelovac.com/vladimir/warning-website-virus-attack .Do you have any log generated by this antivirus? It would be helpfull.
0
 
LVL 7

Assisted Solution

by:stephen_c01
stephen_c01 earned 250 total points
ID: 34183339
The last page that got hacked that i worked on, they modified the .htaccess and index.php/html and put redirect in there to the true virus site. The virus was never on the hacked site.
0
 

Author Comment

by:whspider
ID: 34183602
How do I avoid this .............. i can't be monitoring this all the time
0
 
LVL 7

Expert Comment

by:stephen_c01
ID: 34183661
make sure you have secure passwords and if you do you probably have a bug in a script. The site i worked on was a bug in Joomla 1.0 to gain access.

Make sure you are running the latest version of any scripts or CMS.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 2

Expert Comment

by:soulreaver1
ID: 34183662
Read antyvirus log and then find the reason.
0
 
LVL 25

Expert Comment

by:madunix
ID: 34195893
0
 
LVL 2

Expert Comment

by:koffu
ID: 34238432
at first, change all you application, system and FTP passwords.
analyse ftp logs: most problem is unsecured ftp clients, which save passwords in plain text. Often this user click "save pw" and local workstation viruses found it.
look and analyse .htaccess files for rewrites, delete or fix necessary lines.
after analysis of logs, your will see which info was changed. For example, most viruses add own body as <IFrame> directly in the end of php files. If you'll find it, simple delete with text editor, preserving php code structure.
0
 

Author Comment

by:whspider
ID: 34358052
The iframe gets injected often eventhough i change the ftp passwords and all ,,, how do i avoid all that ?
0
 
LVL 38

Expert Comment

by:younghv
ID: 34580792
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
svg file 10 82
ScanGuard 4 78
How to update  and reset admin password for Linux 5 36
"k" and "i" wont work in a dell lap top 5 14
HOW TO REMOTELY CLEAN MEROND.O WITH ESET SILENTLY PROBLEM       If you have the fortunate luck to contract the Merond.O virus on your network, it can be quite troublesome to remove as it propagates to network shares on your network. In my case, the …
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now