At the bottom of some of the pages I host at IXWebHosting a whole bunch of lines of this type: <a href="http://www.somespecificsiteaddress.com/webalizer/css/?q=89">texes holdem poker hands</a> keep appearing. IX say that my site has a virus and then suggest that I scan my local PC for a virus. Since the site has no scripting associated with the site, not even forms, and nothing has been uploaded to the site for a very long time I find the response somewhat "interesting". It seems more likely to me that either they have security problems with their site or that someone at IX is adding these links to the pages. Has anyone had the same experience with pages hosted at IX (or elsewhere)? As an example, please take a look at the lecis.org website (I can't post live links - sorry) If you're quick, you'll see the links flash across the screen. Go to the page source (View->Page Source in firefox) and scroll to the bottom to see the links. Thoughts, suggestions or comments exhonerating IX or suggesting how this might have happened would be appreciated. Thanks,
It looks like you got hacked by on page or SQL injection. Can't you remove the code from your source?
Surely I could just remove it. However, there's no SQL on any of these pages. The website does not even have a form on it. There's no serverside scripting, nothing but html. So just removing the text does me no good if the vulnerability remains. What's not clear to me is how the vulnerability exists and that I could close it. Seems that the vulnerability is on the server and I don't have admin rights to the server.
Haha, I don't know what to tell you. I spoke with the CEO of IXWebHosting, showed him various vulnerabilities on their system as "proof" because he was ignorant, and then later he told me he would like to pay me PER exploit-- sadly that's not how anyone in the security industry works. I spoofed his emails, showed him I accessed 6 servers on his network, and proposed to him 2 XSS (Cross-Site Scripting) flaws. I think you should venture off to a different host no matter what the case is, he's not obviously never considered security at any point, trust me.