this keeps on happening, one of my websites keep getting pharmacy/viagra bulk links hack. google says "site may have been compromised" normal user doesn't see anything, only the google crawls it. site is normal html and first index page is PHP. tell me what should I do to fix this issue or if someone can fix it for me. CHMOD correctly. Thanks
I'd have to see the code being used to provide any sort of meaningful help -- but... have you rotated the FTP passwords? Is that PHP using EVAL in any way shape or form? Are you using 'include' or 'require' on a $_POST or $_GET value? Have you cleaned the directory of any modified files? When you 'erase' the hacked copy, are you sure the files you put in their place aren't hacked? ... and are you self-hosting, or relying on shared? If the latter it could be some other site on the server that's screwing with yours.
You might have a virus on your computer which is leaking your FTP password. Scan with malwarebytes.org and at least one other anti-virus program, see if you find anything.
no there is no virus on my computer only happens to this site. as i'm not using anything php related now so i have changed my index.php to index.html , hope that cannot be injected. its probably some newsfeed. I need to hire someone who can fix this issue. :S anyone?