Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


my website has been hacked

Posted on 2011-09-05
Medium Priority
Last Modified: 2013-11-16

My website www.beaufieldmews.com has been hacked and now most of the links in the menu are gone there are only 2 left.  Also an email was sent from the infor address to all the subscribers it wasnt sent by us it was the hacker the email said
Dear Natasha McDonald,


To unsubscribe click here



The Beaufield Mews

 can someone help me get rid of this.

Question by:natashamcdonald
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 18

Expert Comment

by:Sudaraka Wijesinghe
ID: 36486030
Do you have access to your server or the hosting account? If so, I suggest you change your access credentials immediately and restore the web site from a backup.
If you don't have access to the server you may try to get the access back by contacting your service provider. You will need to prove that you are the legitimate owner of the web site.

Expert Comment

ID: 36486098
Also after the actions above, check your website for security leaks else the hacker can strike again.
LVL 19

Expert Comment

ID: 36486117
Who is hosting the account?

When was the last valid change you made to the site?

Can you request that the hosting company restore the site from a backup?

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

LVL 27

Expert Comment

by:Cornelia Yoder
ID: 36486173
And when you have the website back, find a new webhost with better security.
LVL 19

Assisted Solution

Michael701 earned 1000 total points
ID: 36486281
yodercm: I'll bet it's more the users weak passwords, not using SFTP and SSH for changes. Get your passwords at grc.com/password

Expert Comment

ID: 36486361
there is no database usage from your site, its not by sql injection, i doubt it was password weak or leak by backdoor from your pc.
LVL 15

Expert Comment

by:Giovanni Heward
ID: 36486443
Google reconnaissance shows http://www.beaufieldmews.com/admin/index.php -- it's possible the attacker gained access here using weak passwords (or via ftp.beaufieldmews.com)


Author Comment

ID: 36489919
Hi Thanks for all you comments i have reloaded the files from my laptop but it hasnt got rid of the problem i dont know how to get rid of this can anyone help me?

Assisted Solution

crazedsanity earned 500 total points
ID: 36490122
What are you trying to get rid of?  If the site is backed by a database (which most modern sites are), then it could be that something has been changed in the database itself: reloading old PHP/config files won't do much; instead you'll have to reload an old copy of the database itself.

Once something has been sent via email, it is a safe bet that they'll be archived forever by something.  Also, once the subscriber list has been taken, there's not much that can be done: if the "hacker" is smart, they'll save it somewhere instead of relying on continued access to the site/database to retrieve it.
LVL 19

Accepted Solution

Michael701 earned 1000 total points
ID: 36490255
Are you SURE you got your copy uploaded? I have a feeling that the website index.php may have had it's rights changed. I'd first try to erase the website version, then upload yours.

The html source only had the two links. This could be because of something in your php code. If it doesn't get fixed, post you php code here for review.
LVL 18

Assisted Solution

by:Sudaraka Wijesinghe
Sudaraka Wijesinghe earned 500 total points
ID: 36491070
Please check and make sure the backup you restored from (on on your laptop) was taken before the hacker attached the web site.
If you have any older backups which you are know for sure that is from before the hack.

Maybe try to bring up the site on another server or on your laptop itself to make sure.
LVL 27

Expert Comment

ID: 36902241
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question