1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Someone hacked my website to collect backlinks

Discussion in 'Security' started by blaz1988, Jul 3, 2012.

  1. #1
    Hi ,
    I use wordpress and someone hacked my website.

    Hacker added about 50 html files into folder http://hackspc.com/wp-content/plugins/facebook-like/advancement/attachment/ that has backlink to website: http://www.expert-lender.com/

    I removed all files and changed FTP and root password , but after two days he hacked my website again and put restriction that I can't delete files , Hacker added file different permission do directory , so that I can't delete it . See the image

    http://hackspc.com/wp-content/uploads/2012/07/hakirana-stranica-1.jpg

    Now I can't delete files in directory http://hackspc.com/wp-content/plugins/facebook-like ???


    The main problem is that when I go to webmaster tool - > Traffic -> Internal links
    I see a lot internal links that point to hacked pages

    http://hackspc.com/wp-content/uploads/2012/07/hakirana-stranica-5.jpg
    SEMrush
    In robots.txt I added this code :

    User-agent: *
    Disallow: /wp-admin/
    Disallow: /wp-includes/
    Disallow: /wp-content/plugins/
    Disallow: /wp-content/themes/

    http://hackspc.com/robots.txt

    but still google indexed that hacked pages

    Can someone help me how to fix that and how to protect my website ?
     
    blaz1988, Jul 3, 2012 IP
    SEMrush
  2. HostingLynx

    HostingLynx Active Member

    Messages:
    105
    Likes Received:
    1
    Best Answers:
    1
    Trophy Points:
    58
    #2
    Have you reviewed your access logs and do you know the system "owner" of the files?

    Alot of time hackers will hack the server then from the root account on that server add files or replace files on the websites on the server and since the hacker is root the files they replace or add would only be able to be deleted by the root user.


    I would suggest trying to figureout first whether it was actually your blog that was hacked or if it was the web server your on and your website is just a vitcim of a hacked server.
     
    HostingLynx, Jul 7, 2012 IP
  3. TiffanyJ.SSS

    TiffanyJ.SSS Member

    Messages:
    72
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    33
    #3
    What we do when we take in clients that have gotten hacked is we restore with original files and rebuild their site step by step to ensure won't happen again after we analyze the log files.
     
    TiffanyJ.SSS, Aug 2, 2012 IP
  4. MagnetiCat

    MagnetiCat Active Member

    Messages:
    81
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    60
    #4
    Tiffany's way of doing things is the only reasonable one. A backdoor can be a one-liner in a random file on your web directory - there is no 100% way go being sure your website is clean.

    About Google links, not sure how long you have been having the problem, but it takes a while for Google to take that stuff out of their logs.
     
    MagnetiCat, Aug 10, 2012 IP
  5. jtpratt

    jtpratt Well-Known Member

    Messages:
    170
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    123
    #5
    You have to get to the root cause and plug that hole that made it happen. Could be out of date wordpress, plugins, or theme exploit (timthumb)

    Here's a huge diy guide to securing and hardening your WP website if you can't hire someone to take care of this:
    http://www.jtpratt.com/how-to-fix-a-hacked-wordpress-blog/
     
    jtpratt, Aug 15, 2012 IP
  6. whrsstech

    whrsstech Peon

    Messages:
    12
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #6
    You (jtpratt) are absolutely right. Most of the WP hacks occur due to outdated plugins or themes. Only use WP modules which has good user rating/reviews.
     
    whrsstech, Aug 17, 2012 IP
  7. Sealia

    Sealia Peon

    Messages:
    6
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #7
    Good advice jtpratt and good blog post as well. It says it all methinks.
     
    Sealia, Aug 17, 2012 IP
  8. laithbarnouti

    laithbarnouti Peon

    Messages:
    17
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #8
    yes really its very good posting and advise also.... i need more information to protect the website also is there any other ideas tooo?
     
    laithbarnouti, Aug 30, 2012 IP