• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 347
  • Last Modified:

Virus on website

My website shows
Reported Attack Page!
Linux server
PHP and html files

What do I do now ?
Plz advice
0
whspider
Asked:
whspider
  • 2
  • 2
  • 2
  • +3
2 Solutions
 
soulreaver1Commented:
Some virus scanners analising php/html code to find possible viruses/danger code. Usually there isn't any virus, however somtimes some files on your site could be infected, example: http://www.prelovac.com/vladimir/warning-website-virus-attack .Do you have any log generated by this antivirus? It would be helpfull.
0
 
stephen_c01Commented:
The last page that got hacked that i worked on, they modified the .htaccess and index.php/html and put redirect in there to the true virus site. The virus was never on the hacked site.
0
 
whspiderAuthor Commented:
How do I avoid this .............. i can't be monitoring this all the time
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
stephen_c01Commented:
make sure you have secure passwords and if you do you probably have a bug in a script. The site i worked on was a bug in Joomla 1.0 to gain access.

Make sure you are running the latest version of any scripts or CMS.
0
 
soulreaver1Commented:
Read antyvirus log and then find the reason.
0
 
madunixChief Information Security Officer Commented:
0
 
koffuCommented:
at first, change all you application, system and FTP passwords.
analyse ftp logs: most problem is unsecured ftp clients, which save passwords in plain text. Often this user click "save pw" and local workstation viruses found it.
look and analyse .htaccess files for rewrites, delete or fix necessary lines.
after analysis of logs, your will see which info was changed. For example, most viruses add own body as <IFrame> directly in the end of php files. If you'll find it, simple delete with text editor, preserving php code structure.
0
 
whspiderAuthor Commented:
The iframe gets injected often eventhough i change the ftp passwords and all ,,, how do i avoid all that ?
0
 
younghvCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 2
  • 2
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now