SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Member
    Join Date
    Sep 2013
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    A Desperate Plea for Help

    Okay hello everyone.

    I've been very very perplexed by this issue: a friend of mine runs a website called Shop Laurella at shoplaurella.com. Recently, there has been a lot of redirection of her site to some strange advertising spam kinda thing. I've looked at the .htaccess files, I've pored through some of the code on the index.php and all (and even modified the file to see if it was loading) but to no avail.

    Does anyone have any idea on what leads I should take? Originally, she could load her site and intermittently find another website once in a while, but it's now permanent.

    I'm out of my league here, would appreciate any leads! Thanks!
    Last edited by ParkinT; Sep 26, 2013 at 08:20. Reason: removed link

  2. #2
    Avid Logophile silver trophy
    ParkinT's Avatar
    Join Date
    May 2006
    Location
    Central Florida
    Posts
    2,336
    Mentioned
    192 Post(s)
    Tagged
    4 Thread(s)
    Welcome to the Sitepoint Forums. You are certain to find an answer to your question among the innumerable experts that comprise our community.

    Have you taken the site offline?
    There appears to be no landing page (default registrar page).

    According to the Whois database, that domain name is registered to someone in Singapore and the domain is currently hosted at hostgator. Are you certain about the domain name?
    Don't be yourself. Be someone a little nicer. -Mignon McLaughlin, journalist and author (1913-1983)


    Git is for EVERYONE
    Literally, the best app for readers.
    Make Your P@ssw0rd Secure
    Leveraging SubDomains

  3. #3
    SitePoint Member
    Join Date
    Sep 2013
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi ParkinT,

    Thanks for the reply. I'm not sure if taking the site offline would do any good, since I'm sure it's a DNS level issue or some redirection issue. I'm not sure what you mean by landing page, I seem to be getting redirected to an ad page that has fashion links and all but not the actual site we have there.

    I'm from Singapore and the domain is registered to my friend in Singapore, and yes I think it's on hostgator. Pretty lost here, but thanks for the help!

  4. #4
    Avid Logophile silver trophy
    ParkinT's Avatar
    Join Date
    May 2006
    Location
    Central Florida
    Posts
    2,336
    Mentioned
    192 Post(s)
    Tagged
    4 Thread(s)
    Now I have a better understanding of the overall situation. What you are seeing is a standard 'generic' page many hosting companies use.
    Based on my experience you have suffered from one of two (not at all nefarious) issues:
    • The hosting expired
    • The DNS is not correctly setup


    Beginning with the hosting provider, ask for some help on this and you should get quickly to a resolution.
    Don't be yourself. Be someone a little nicer. -Mignon McLaughlin, journalist and author (1913-1983)


    Git is for EVERYONE
    Literally, the best app for readers.
    Make Your P@ssw0rd Secure
    Leveraging SubDomains

  5. #5
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,777
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Another backlinker problem...

  6. #6
    Certified Ethical Hacker silver trophybronze trophy dklynn's Avatar
    Join Date
    Feb 2002
    Location
    Auckland
    Posts
    14,653
    Mentioned
    19 Post(s)
    Tagged
    3 Thread(s)
    lanyingjie,

    The first thing I would do is:

    1. Take your website offline because it's poisoning your reputation.

    THEN ...

    2. Download all files to your computer but do not run them there (you'd infect your computer). READ the code and look for JavaScript that you had not included in the file. That's likely your source of redirections.

    3. If you've used canned programs (WordPress, Drupal, ZenCart, etc.), UPDATE (and keep updating regularly as the script kiddies look for non-current versions to test their hacker scripts). NEVER let an update go by!

    4. Upload your backup set of files (the master set - you DO have the master files, don't you?) then test all the links in your website. If any redirect, your master set is also infected and you'd better just start over.

    There had been a thread some months ago where I posted a "checklist" to resolve a hack attack where recommended that the host run "maldet scans" on the account and use the output to find all the offending files (you have to read the file to see what code is creating the problem). Be sure to run multiple maldet scans until it can find no further malware in your account's files (then weekly after that).

    THEN create a script to hash all your files and record those hashes every day and compare against the previous day's hashes (read from a database). You should know of any additions, edits or deletions and compare that with the output of your script. (I wrote just such a script and published it at SitePoint a few months back - just get the updated (linked) version as I'd gotten carried away with deleting personal information from my code.

    Regards,

    DK
    David K. Lynn - Data Koncepts is a long-time WebHostingBuzz (US/UK)
    Client and (unpaid) WHB Ambassador
    mod_rewrite Tutorial Article (setup, config, test & write
    mod_rewrite regex w/sample code) and Code Generator


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •