Results 1 to 13 of 13
-
05-28-2015, 04:03 PM #1Web Hosting Master
- Join Date
- Sep 2007
- Location
- Germany
- Posts
- 714
Hacked? forum is being redirected
Hello.
My forum located at: http://f1zone.net/forum is being redirected to: http://guestlistlondon.com/
WTF is that? What to do?sorry, This user doesn't have a signature
-
05-28-2015, 04:09 PM #2~~~~
- Join Date
- May 2008
- Posts
- 3,424
Check the .htaccess file in the 'forum' folder for possible redirects in there.
Uptime Monitor - Minimize your downtime by being the first to know about it!
Blacklist Monitor - Are any of your IPs or Domains blacklisted? Find out before it gets to affect you or your clients.
-
05-28-2015, 04:26 PM #3Junior Guru Wannabe
- Join Date
- Sep 2012
- Location
- Michigan
- Posts
- 70
Most likely you have been compromised. Check the .htaccess to remove the redirect, and then (if you have SSH access) run a malware scan on your site. You most likely have been compromised and there is probably some shells in your installation.
-
05-28-2015, 04:50 PM #4Web Hosting Master
- Join Date
- Sep 2007
- Location
- Germany
- Posts
- 714
OK thanks guys. I found it. I deleted it and running scans now.
It's interested. In 2009 I was hosted by medialayer, switched to tsohost in 2012 (I guess something happened then). After 3-4 months went back to Medialayer, I got hacked again. And in 2015 I got hacked.
The website which hacked me is hosted by Tsohost.com it's interesting. I guess the shell has been online since 2012. Geez! going to do some scans now!sorry, This user doesn't have a signature
-
05-28-2015, 04:53 PM #5Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
-
05-28-2015, 04:53 PM #6Web Hosting Master
- Join Date
- Jul 2009
- Location
- The backplane
- Posts
- 1,788
-
05-28-2015, 04:54 PM #7Web Hosting Master
- Join Date
- Sep 2007
- Location
- Germany
- Posts
- 714
How to find the hidden shell now? any script to run it?
sorry, This user doesn't have a signature
-
05-28-2015, 05:04 PM #8Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
A little investigation into your site yields and your running phpBB and the version is from what I can tell appears to be: 3.0.10
Considering the version within the 3.0.x branch is at 3.0.14 and version 3.1 is already out and onto 3.1.4 you are currently some 9 versions outdated...
phpBB 3.0.10 was released in 2012 and since then a number of exploits have been found.
You need to upgrade ASAP.Last edited by Server Management; 05-28-2015 at 05:08 PM.
-
05-28-2015, 05:19 PM #9Web Host Reviewer
- Join Date
- Feb 2006
- Location
- Kepler 62f
- Posts
- 16,703
phpBB has a lot of exploits.
|| Need a good host?
|| See my Suggested Hosts List || Editorial: EIG/Site5/Arvixe/Hostgator Alternatives
||
-
05-28-2015, 05:26 PM #10Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
-
05-28-2015, 05:28 PM #11Web Hosting Master
- Join Date
- Sep 2007
- Location
- Germany
- Posts
- 714
Sorry. Double post. Removed....
Last edited by Red_wolf6; 05-28-2015 at 05:29 PM. Reason: double post
sorry, This user doesn't have a signature
-
05-28-2015, 05:42 PM #12Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
The version of phpBB your using suffers from SQL injection exploits. It's okay finding something they've planted but it doesnt close the point of entry aka injecting the database. Unless you upgrade to the current 3.1.4 you'll just have problem after problem until your forum is ruined with every table injected and a swiss cheese load of holes.
-
05-28-2015, 05:46 PM #13Web Hosting Master
- Join Date
- Apr 2009
- Location
- New York City
- Posts
- 5,169
Always ensure that your software / applications are always up today and secured as much as possible. Ensure you change your passwords often from time to time.
I suggest upgrade your forum software to the latest software do so with any other scripts you have on that account / any server. next change all passwords for all your accounts this would include emails , forum accounts, even passwords you use for your computer / on other sites. never know what they have or could of done. Most times when a hosting account is hacked or tampered with it isn't the hosts fault but rather the clients because they used or are using out of date software which can easily be breached by sum1.
Similar Threads
-
Existing websites being redirected when new website is created
By Promex in forum Web HostingReplies: 7Last Post: 03-23-2014, 12:46 AM -
public_html folder is being redirected
By DavidV in forum Programming DiscussionReplies: 8Last Post: 05-11-2007, 02:36 PM -
My server is being Hacked! Please help!
By ahlup in forum Hosting Security and TechnologyReplies: 1Last Post: 10-09-2004, 08:07 AM -
Help! My server is being attacked!
By arrty in forum Dedicated ServerReplies: 22Last Post: 08-05-2001, 03:49 PM -
Is Being a Reseller a Bad Thing?
By Laci in forum Web HostingReplies: 28Last Post: 09-17-2000, 08:04 AM