Solved

Reported Attack Page!

Posted on 2012-12-21
4
302 Views
Last Modified: 2012-12-22
Dear Experts,

I have been asked by my client to look at his website, which displays "Reported Attack Page!" message when you try to view.
After looking at the source files that are uploaded at the web hosting service, it seems that the HTML files such as index.htm are ok, but as soon as I try to download and view any image files associated with the html files, I get the same message.
My questions are:
1. How does this happen?
2. What is the best way to remedy this?
3.  Is there a way to make sure that this does not happen again?

Please advise,  thank you!
0
Comment
Question by:yballan
4 Comments
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 167 total points
ID: 38714943
His files have been hacked and bad things put in the damaged files.  Someone could have guessed his password and done it or one of the other users on the server may have found a way to invade his site and make changes.  

The only 'cure' is to upload new undamaged files.  I keep the 'master copy' of all my sites on my own computers here so I can re-upload a 'good' copy if anything should happen to the files on the server.

The fist preventative measure is to change the FTP and account passwords.
0
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 166 total points
ID: 38714975
I agree with DaveBaldwin. We had that problem a few years ago. We didn't have a complete backup and it was a nightmare. We had to download the entire site to a Pc, run spyware and virus checkers against the code and them clean up java and php code that had ben inserted into the html files that we didn't have a recent backup for.

There are also online scanners you can use to scan and check your site to help ensure it is finally clean.

#1 rule: Update all passwords. Generally the best password is a suggested password that is generated in your cpanel.
0
 
LVL 53

Accepted Solution

by:
COBOLdinosaur earned 167 total points
ID: 38715696
Your first priority has to be to get the crap off the site.  An unsuspecting user with poor security practices could pick up infections from the site and spread them.

Then you need to upload what you have.  

Knowing how it happened does not deal with what should be the immediate priorities.  However when you get to it; you need to look at whether the host has adequate security protection.  If they do not you either need to change hosts or add more security to the site to fill the holes left by the host.

Then we get to the future and being able to respond and resolve these issues in minutes with well thought out backup procedures.

HTH
Cd&
0
 

Author Closing Comment

by:yballan
ID: 38715881
Dear Experts,

Thank you for you replies, and I am glad to hear that what I did first was on the right track, which is to request a password change, then to request getting the original files from the previous webmaster.  (I hope they still have them.....)
It is just good to hear from someone with the experience, because web site management is usually not part of my job.
Thanks again!!!
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I recently found myself in a Corporate Situation where the client had requested blocking access to any and all websites except his own Domain? Easy? I am sure this would be your answer but their requirement was, this has to be done without using…
Do you come here a lot? Are you lazy like me and don't want to go through the "trouble" of having to click your Dock's Safari icon and then having to click your Experts Exchange Favorites bookmark to get here? Well then this article is for you.
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now