 the site rebotstat.com is attacking my site,i have very little knowledge on what to do next, i changed my passwords,i think its left some nasty java script on my homepage my friend is looking threw my files but he has not found anything yet if anybody knows any steps i can take please help. i have no back up of my site because it is too large to back up with my current hosting
you can email me at Czheck@beatsforyounow.com
any help is appreciated |
Shouldn't your hosting provider be looking into this? BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin |
1. Run malwarebytes on your home computer, that's how they normally get your ftp passwords. 2. Go into Cpanel and delete all the ftp accounts (except the master one) 3. Change your Cpanel password.
To find all the infected files get a snippet of the bad code (it should be a single line at the bottom of several of the files starting with <script>, check index.php) and type this in a shell window: grep -l -r "code snippet here" * BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin |
If you hosting provider allows you, may be you can block the IP of that website, or if you have your own web server then you can use fail2ban to block all those attacks. |
It puzzles me why anyone would want to attack a dolphin site. We have hackers trying to gain access to one of our custom modules..... why? If we were the next facebook or held any records i could understand.... But there is nothing on the site of any value. |
It puzzles me why anyone would want to attack a dolphin site. We have hackers trying to gain access to one of our custom modules..... why? If we were the next facebook or held any records i could understand.... But there is nothing on the site of any value. You should check your log files, something should be there, but I'm wondering, are you using shared hosting or your own web server? Ones you answer my question I will be able to help you better. |
It puzzles me why anyone would want to attack a dolphin site. We have hackers trying to gain access to one of our custom modules..... why? If we were the next facebook or held any records i could understand.... But there is nothing on the site of any value. These attacks are automated for the most part, they don't care what's on the site or what software it's running. That code they inject normally redirects everyone who visits the page to a site selling bootleg software or porn. Most of the time it also tries to infect the visitors computer so then they can get theif FTP info and the cycle contines on and on.. BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin |
What version of Dolphin are you using? |
if anybody can help me remove encrypted this encrypted code from my website,and get the site back up and running i will pay. urgent help.
my email is czheck@beatsforyounow.com |
