hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Reseller Hosting : help me to remove suspendedpage.cgi

Reply

Forum Jump

help me to remove suspendedpage.cgi

Reply Post New Thread In Reseller Hosting Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old
Web Hosting Master
 
Join Date: Jun 2010
Posts: 820

help me to remove suspendedpage.cgi


Hai folks,

many of our client websites hacked and redirects to
/cgi-sys/suspendedpage.cgi .

* i try to remove the 301 redirects throught their cpanels 'redirects' applet, but i cant remove them even though cpanel tells redirect removed.

* i check suspended accounts in WHM and there are no any suspeded accounts.

* we have a shared reseller account.

pls help me to remve this suspended pages.



Sponsored Links
  #2  
Old
Web Hosting Master
 
Join Date: Mar 2005
Location: New York City
Posts: 2,554
Quote:
Originally Posted by kandyjet View Post
Hai folks,

many of our client websites hacked and redirects to
/cgi-sys/suspendedpage.cgi .

* i try to remove the 301 redirects throught their cpanels 'redirects' applet, but i cant remove them even though cpanel tells redirect removed.

* i check suspended accounts in WHM and there are no any suspeded accounts.

* we have a shared reseller account.

pls help me to remve this suspended pages.
That's not because they were hacked. It sounds like you're a reseller, or have just a single cPanel account. I would suggest getting in touch with your web host directly.

__________________
Matthew Rosenblatt, and I do lots of things.
I'm a lighting designer for Celebrity Cruises. Check out my blog if you want.
I'm in the midst of [redacted] and [redacted] with an expected launch date of [redacted].
Simply put: Server admin, programmer, concert lighting dude.

  #3  
Old
Web Hosting Master
 
Join Date: Jun 2010
Posts: 820
Quote:
Originally Posted by Matt R View Post
That's not because they were hacked. It sounds like you're a reseller, or have just a single cPanel account. I would suggest getting in touch with your web host directly.
indeed we are contated them, but no quick response from (just hxxt)them. so i just tried to remove few of urgent clients site redirects manaullay.

Thanks for the answer matt.

Sponsored Links
  #4  
Old
Web Hosting Master
 
Join Date: Jun 2010
Posts: 820
btw,
those redirects lands in

HACKED BY VENKI NYRO HACKER AND ICP
Hey Admin Where iz Your Security
PATCH UR ASS NOTHING DELETED
We are:
|INDIAN CYBER PIRATES|
WE V'L B B4CK SOON
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dear Admin Don't Hate Us...Hate Your Weakness.....!!!!!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Web Site Has Been HaCkeD 4 ICP
or
Add Me
email: HELL_BOY990@yahoo.com

  #5  
Old
Web Hosting Master
 
Join Date: Feb 2012
Location: Memphis, TN
Posts: 2,978
Probably the old WHMCS exploit from last year if its a reseller account.

__________________
hostingcove.com | Tennessee Based Hosting Provider.
cPanel Shared & Reseller Hosting - Domain Names
Join thousands of happy customers. Secure & Stable
HeroicVPS Premium KVM VPS. Ashburn / Phoenix


  #6  
Old
Web Hosting Master
 
Join Date: Jun 2010
Posts: 820
Quote:
Originally Posted by HC-Ro View Post
Probably the old WHMCS exploit from last year if its a reseller account.
ofcase, i see few fake accounts has been creted in the whmcs.
but i have no licence key or anything to do an upgrate.
we are shared resellers.

  #7  
Old
Web Hosting Master
 
Join Date: Feb 2012
Location: Memphis, TN
Posts: 2,978
If you have a reseller account and WHMCS provided then you have a WHMCS account and can download any software release with your license. Of course you dont even need to sign in to download security patches.

__________________
hostingcove.com | Tennessee Based Hosting Provider.
cPanel Shared & Reseller Hosting - Domain Names
Join thousands of happy customers. Secure & Stable
HeroicVPS Premium KVM VPS. Ashburn / Phoenix


  #8  
Old
Web Hosting Master
 
Join Date: Jun 2010
Posts: 820
Quote:
Originally Posted by HC-Ro View Post
If you have a reseller account and WHMCS provided then you have a WHMCS account and can download any software release with your license. Of course you dont even need to sign in to download security patches.
oh really i dont no this that we can downlod updates without licence key. great to know about this. thanks a bunch Ro..

  #9  
Old
Web Hosting Master
 
Join Date: Feb 2012
Location: Memphis, TN
Posts: 2,978
No prob,

You have a license key: admin/systemlicense.php Your WHMCS account is likely the same as your reseller account infromation but oyu may need to ask the provider.

If it is the old security issue then I suggest upgrading or at least patching http://blog.whmcs.com/?t=43462

__________________
hostingcove.com | Tennessee Based Hosting Provider.
cPanel Shared & Reseller Hosting - Domain Names
Join thousands of happy customers. Secure & Stable
HeroicVPS Premium KVM VPS. Ashburn / Phoenix


  #10  
Old
Web Hosting Master
 
Join Date: Jun 2010
Posts: 820
Quote:
Originally Posted by HC-Ro View Post
No prob,

You have a license key: admin/systemlicense.php Your WHMCS account is likely the same as your reseller account infromation but oyu may need to ask the provider.

If it is the old security issue then I suggest upgrading or at least patching http://blog.whmcs.com/?t=43462
its too late now. but glad to learn somthing about security.
now all in our reseller provider's hand.
when i execute the billing path all i see is

-------
<?php //00d4b
// *************************************************************************
// * *
// * WHMCS - The Complete Client Management, Billing & Support Solution *
// * Copyright (c) WHMCS Ltd. All Rights Reserved, *
// * Release Date: 17th June 2011 *
// * Version 4.5.2 *
// * *
// *************************************************************************
// * *
// * Email: info@whmcs.com *
// * Website: http://www.whmcs.com *
// * *
// *************************************************************************
// * *
// * This software is furnished under a license and may be used and copied *
// * only in accordance with the terms of such license and with the *
// * inclusion of the above copyright notice. This software or any other *
// * copies thereof may not be provided or otherwise made available to any *
// * other person. No title to and ownership of the software is hereby *
// * transferred. *
// * *
// * You may not reverse engineer, decompile, defeat license encryption *
// * mechanisms, or disassemble this software product or software product *
// * license. WHMCompleteSolution may terminate this license if you don't *
// * comply with any of the terms and conditions set forth in our end user *
// * license agreement (EULA). In such event, licensee agrees to return *
// * licensor or destroy all copies of software upon termination of the *
// * license. *
// * *
// * Please see the EULA file for the full End User License Agreement. *
// * *
// *************************************************************************
if(!extension_loaded('ionCube Loader')){$__oc=strtolower(substr(php_uname(),0,3));$__ln='ioncube_loader_'.$__oc.'_'.substr(phpversion(),0,3).(($__oc=='win')?'.dll':'.so');@dl($__ln );if(function_exists('_il_exec')){return _il_exec();}$__ln='/ioncube/'.$__ln;$__oid=$__id=realpath(ini_get('extension_dir'));$__here=dirname(__FILE__);if(strlen($__id)>1&&$__id[1]==':'){$__id=str_replace('\\','/',substr($__id,2));$__here=str_replace('\\','/',substr($__here,2));}$__rd=str_repeat('/..',substr_count($__id,'/')).$__here.'/';$__i=strlen($__rd);while($__i--){if($__rd[$__i]=='/'){$__lp=substr($__rd,0,$__i).$__ln;if(file_exists($__oid.$__lp)){$__ln=$__lp;break;}}}@dl($__ln);}else{die('The file '.__FILE__." is corrupted.\n");}if(function_exists('_il_exec')){return _il_exec();}echo('Site error: the file <b>'.__FILE__.'</b> requires the ionCube PHP Loader '.basename($__ln).' to be installed by the site administrator.');exit(199);
?>
4+oV5E58YKNazN5gzPaSPgRv8bh0qfHuacHqr9MyrQ3lzA0TvgS4ZFeSkSUUmBGaG8HPgL9VzMf3
trRTI2c0jIDw29BIb/4vv66kWL/GP8ZezMidB9VDlMnNpNKDNQ0UNmFiRCYDzwjAgr2SZf4Srn/4
i6ci6ajgHvaG0ip43ldM6bpHyhTvD3HD48PZgeeXCnHsf+8WN9m9pMrTzpYUZpgZv9f70L0TdaF2
d/FBO7Qg2uBy7ZLv2qqccEYIZl9jr0j6xOLhMg7LiAYwqyHtxyaLR7LVY8rN0wpXRV1zDQDW+ahA
JnSNTuB2GnrrdbimjuQKjW+3gHW0NzM7tBH/FSNHq+9fkZdPI8C0O+5rTODn8Z8Q6UInFm4Mnis8
mTRcZNM74BTNyknnOhkpiGIp7Xlnq6hXtt4ZN6JEe9/tBs9qRTa4LUkPyjBujbrmOnCSpwV+EYmZ
WPJhnK+JVkgX9FlhYECeugR52aYR6W6Lae6mUNEAnUTG8HoYk7emV/tZU7Kds0Lm2rEccuF6k7jv
5JWLUTKFn+i1hnT2GM1HVeA0x6a3QTdPr0Bem4i/NEeWneLC5hKcI99Gz6PPRosMj24pmcgDXul0
bSwyJ5fWbvUIiQbi2B9W8bfqt7GjpcXgN/A/flXB2NH5Bwv+Adz+/pYsGBSF2G1AzupJn6QTT9iE
LlCxZMPADy5tedV7cpx0jU+V0T8i28UES3kDVjl71yTtAnW9h44wK2I6uRRxxuuNa/2itfoIpu2t
IUIzIkfZxkyFhwVrwhuvU5Lg671cysxObE+K+nnTj/OaNJ9VYekKD4qOpdRABlzAlVGprxEEuDFF...............

  #11  
Old
Disabled
 
Join Date: Feb 2011
Posts: 98
Keep us updated please.

  #12  
Old
Premium Member
 
Join Date: Mar 2003
Location: Jaipur, India
Posts: 632
please check with your hosting provider if they have suspended it manually only they can unsuspended it or second thing please check your accounts file manger  public_html and find out if any cgi script lied in here.

__________________
ZNetLive
Web Hosting for Designers & Developers

  #13  
Old
Aspiring Evangelist
 
Join Date: Nov 2010
Location: Las Vegas
Posts: 398
Yeah, check with your provider and always make sure your WHMCS installation is up to date. You may even want to change the admin directory so that it is a little harder to get to if someone tries to hack it.

__________________
HostClearly.com
HostClearly Web Hosting
Reliable Hosting, Unbeatable Support
Shared, Reseller, and VPS Hosting since 2010!

  #14  
Old
Technical Nutcase
 
Join Date: Mar 2009
Location: Miami, Florida
Posts: 18,662
Hello,
You should also look in the .htaccess to see if there is a redirect there as well

__________________
http://iSheep.net - The ultimate iSheep simulator

  #15  
Old
Web Hosting Guru
 
Join Date: Jul 2003
Location: Michigan
Posts: 267
Yes check your .htaccess also look at your domain redirects in CPanel.

ps: installing all the software you have, are you sure you CHMOD everything correctly to do your installs? and back after the installs?

__________________
Custom Identities, Design, Marketing, Promotion & Publishing
Experience the Advantage "Brand Your Business Successfully"

Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
cgi execution problem ( not found for every file inside cgi-bin directories ) FarzinSB Hosting Security and Technology 6 05-19-2011 10:53 AM
cant remove package via yum - centos - howto manually remove files and rebuild rpm db o-dog Hosting Security and Technology 2 03-11-2011 03:39 AM
remove empty folders and remove from a db NWSTech Hosting Security and Technology 0 07-22-2009 03:18 PM
Can't remove a cgi script on root level.. jayzee Hosting Security and Technology 1 08-27-2005 06:13 AM
Undefined catalog: /~isonick/cgi-bin/cart.cgi chicku Hosting Security and Technology 2 02-15-2003 12:33 PM

Related posts from TheWhir.com
Title Type Date Posted
Right to be Forgotten Spreads to Japan as Google Deletes One-Third of EU Requests Web Hosting News 2014-10-10 11:21:08
Right to Be Forgotten Continues to Create More Regulations for Search Engines Web Hosting News 2014-09-19 12:41:29
Google Releases Online Form to Simplify EU “Right to be Forgotten” Request Web Hosting News 2014-05-30 10:20:52
Google Already Fielding Removal Requests Under EU “Right to be Forgotten” Web Hosting News 2014-05-16 15:11:16
Revenge Porn Site Owner Faces Multiple Felony Charges Web Hosting News 2013-12-11 13:57:30


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
WHT Host Brief Email:

We respect your privacy. We will never sell, rent, or give away your address to any outside party, ever.

Advertisement:
Web Hosting News:
WHT Membership
WHT Membership



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?