1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Site hacked? Can someone shed some light on this

Discussion in 'Site & Server Administration' started by Masetek, May 21, 2008.

  1. #1
    Recently a few of my users one of my sites have been complaining that when they either go to the site (by typing in the URL or search on Google), or click to read a forum post or article that they get redirected to an anti spyware site.

    This is obviously just a spam site pushing software.

    The site is gets redirected to is antispywaremaster.com. The url in the address bar looks something like this:

    85.255.117.37/ind.htm?src=447&surl=www.myurl.com&sport=80&suri=%2Fforum%2Fvbseo%2Ephp%3Fvbseourl%3Dshowthread%2Ephp%26p%3D74479

    I have no idea how this could happen. Can anyone shed any light on this? I'm not sure whether it's a problem with my forum/cms or whether it could be on my server.

    Any help would be appreciated. Cheers!
     
    Masetek, May 21, 2008 IP
  2. Phase

    Phase Active Member

    Messages:
    50
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    93
    #2
    Check to see you are using the latest version of every piece of software you use on your website. If you aren't, remove the current one and upgrade (so you get rid of any tampered with files if this is the case), Lastly, if you are using the latest, seek help from the communities of the software you are using.

    Try not to be so vague in your questions next time, too.

    http://www.catb.org/~esr/faqs/smart-questions.html
     
    Phase, May 21, 2008 IP
  3. Masetek

    Masetek Peon

    Messages:
    820
    Likes Received:
    32
    Best Answers:
    0
    Trophy Points:
    0
    #3
    After speaking to my tech support staff they informed me that it was an apache exploit.

    All has been resolved now.
     
    Masetek, May 21, 2008 IP
  4. webchat

    webchat Peon

    Messages:
    1
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #4
    Hi Masetek,

    I have this too on my server but the support staff don't understand what I am explaining. Did your people tell you the name of the exploit or anything so I can pass it on to my people?

    Many thanks in advance: robin@robinnixon.com
     
    webchat, May 24, 2008 IP
  5. Masetek

    Masetek Peon

    Messages:
    820
    Likes Received:
    32
    Best Answers:
    0
    Trophy Points:
    0
    #5
    I'm not sure what they did to fix it, but they did upgrade Apache to the latest version. Sorry they didn't tell me the name of the exploit
     
    Masetek, May 24, 2008 IP