Website hacked
-
Hi I've been asked to help a colleague with his website. It seems to be hacked. He recently received an e-mail from Google saying his adwords account was suspended 'due to high probability his site may be hosting or distributing malicious software' I just checked his source and there seems to loads of weird on code on his pages, this would not have been but on by any members of the website owners.
Please image attached when we try to access his website via google search
I just contacted the hosting provider - does anyone have experience with this and how to prevent such hacking in the future. The site is build using HTML with no CMS.
-
Hi Socialdude,
Did you get this sorted out, or would you like some more advice still?
-
Hi Socialdude,
A look at that code suggests that the most likely point of access has to be a file that is more than just regular HTML somewhere on your site. This means that somewhere, there must be at least one php file.
My first guess would be that there is a page with a PHP driven contact form which has been used to inject code into the site and propogate the malicious javascript into the other pages.
If you have a clean backup copy of all pages in the site (either with your friend or their developer), then the quickest fix is to upload your backup version.
If you don't have a backup, then you could try checking the Wayback Machine and see if there is a clean copy archived there which you can grab and upload to replace the hacked site.
If neither of those is an option, then the first thing to do is to find any pages in the site with the .php extension.
Rename the files by changing the file extension from .php to .txt. (If you are unsure of how to change the file extension, you can just open the files, save a copy with a .txt extension and then delete the .php version from the server)
You can now look at the file(s) that were PHP, see what has been added to the code and clean it up. You will then need to individually edit the HTML files and remove all of the bad javascript code. Now that you have everything cleaned up, create a complete backup of the site just in case you need it again in the future. Upload your clean copy and you should be good to go.
I would also go to Google Webmaster Tools & use "fetch as googlebot" to fetch and add the index page so that Google knows you are now OK to crawl again.
Hope that helps,
Sha
-
One way this can happen and your code you posted looks like a case I have seen happenn to a friend, is SQL injection. Where someone posts script into your database though inputs in your form. then when you request the data from the database it is executed.
Most newer technologies have fixed this hole, but older technologies are prone to it.
-
Cheers for your reply, as far as I know the site was built by an experienced developer but I couldn't really comment as I'm not sure. I must say the site is pretty old and it's not html validated.
We are currently looking to get the site build on a CMS either worpdress or modx.
Based on what you mentioned above I will just wait and see what the hosting company have to say with regards to this issue.
-
Web security is a very complex field which has literally hundreds of layers. You said the site was built using HTML. Is this an experienced developer with formal web development training who uses valid HTML code and has years of experience? Or is this a do-it-yourself kind of project?
It's kind of like saying someone broke into your house. They could come through the front door, the back door, the side door, any window or slide down the chimney. They could have a key made or pick the lock or smash the lock. Security is a very comprehensive field which involves the web server itself, the website, the admin panel and more. There is not a Q&A response anyone can offer to address the many factors involved.
You can pay for McAfee or a similar service to perform daily malware scans of your site and alert you to security issues. You can also move to a CMS and ensure you keep the latest updates and read their security guidelines.
-
I'm not to sure to be honest I'm not a web designer / developer and don't have experience with databases.
-
is it on the pages where you naviagte to them though the file system?
does the website use a database?
-
I found this in the source code and it's placed on all pages and looks like the below there are about 10 paragraphs on each page: I just hope the hosting provider can help us out.
-
I have never had this happen, but i would guess that the code is probably added thought a rewite rule. See if the code is actualy on the pages via the fiels system. if not i would be looking for rewrite rules in the server settings.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
New Pages in my Shopify website is not indexing
Hi The Service area pages created on my Shopify website is not indexing on google for a long time, Tried indexing the pages manually and also submitted the sitemap but still the pages doesn't seem to get indexed.
Technical SEO | | Bhisshaun
Thanks in Advance.0 -
Migrating website to new CMS and to https://
Hi, We are migrating an old website to a new one built in Wordpress soon. We also added an SSL to change to https:// Most of the url's stay the same. Can we just migrate from http to https on server level, and for the url's that do change just set a 301 redirect? Or are there other things we should take into account?
Technical SEO | | Mat_C0 -
Our Website Get too many visits from this IP ?
Hi, We get alot of visits from this IP below... Whats this ? | Host Name: | google-proxy-66-249-85-8.google.com | Browser: | IE 8.0 |
Technical SEO | | Asjad
| IP Address: | 66.249.85.8 — [Label IP Address] | Operating System: | WinVista |
| Location: | Mountain View, California, United States | Resolution: | 1024x768 |0 -
Moving a website from one domain to another
Hi Guys, I figured I'd investigate this fully before potentially ruining a client's traffic. The rundown:Two websites; one is an ecommerce store and the other is just a brochure website which has references to the ecommerce store. The ecommerce store is hosted on a server we control whereas the brochure one isn't, the URL for the brochure store is nice and simple which is the reason for the switch, as the ecommerce URL is very long and hard to remember. Now from an SEO point of view will it be a case of 301 redirecting every URL from the old domain name to the new one one or is there an easier option? Any tips or links to more information would be much appreciated. Thanks, Dan
Technical SEO | | Sparkstone0 -
Page authority old and new website
Dear all, I tried to find this question using the search option but cannot find the exact same problem. This is the thing: I launched a new website in January, replacing our old website that did pretty good in the SERPs. The old website is still running on a subdomain old.website.com and the new website is on www.website.com (www.denhollandsche.nl) Both sites are indexed by google right now, but I'm not sure if that's a good thing. For our main keyword, the page on the new website has an authority of "23" and the exact same page (some minor differences) on the old website still has an authority of "30". Both currently are on the second page of google while some time ago, they where still on position 2/3/4. My question is: if I would take down the old website and make a 301 redirect for the old page with P/A 30, to point to the new page with a P/A 23, will the p/a of this new page take over the P/A of the old page? What effects can I expect? The reason the old website is still running is that google images still shows images from old.domain.com in stead of images from the new website... Thanks for your help guys!
Technical SEO | | stepsstones0 -
301 Redirects on Large Real Estate Website
Hi guys,We are about to move over to a new website and need advice on handling the 301 redirects.We have a large real estate website with around 12,000 pages, a lot of these are properties (about 10,000)On our old website, the url structure for each property is as follows -domainname.com/property/view?property=14863on our new site, the url structure isdomainname.com/properties/view/6137The property ID number is always different from old site to new. The way we see it, we have two options. a.) a manual redirect of each and every property url. A very very long jobb.) a folder level redirect, so redirect the 'property' folder on the old site into the 'properties' folder on new. The con with this one is we are not sure if this is the best route to take, if it is how we would go about it?Some advice would be really appreciated guys. I know there are some hyper intelligent SEO's in here and we need to make sure we handle this right!Many thanks in advance.Mark
Technical SEO | | Nextman0 -
As a wholesale website can our independent retailer's website use (copy) our content?
As a wholesaler of villa rentals, we have descriptions, images, prices etc can our agents (independent retailers) use the content from our website for their site or will this penalize us or them in Google rankings?
Technical SEO | | ewanTHH0
