Hi chaps,
Bit of an URGENT one here, i have a php mysql website on a shared server with 123-reg.co.uk.
The site has been hacked somehow/somewhere.
If you enter the site in google, it appears as:
HackeD By PCH Crew {PakCyberHaxors.com}
But if you enter the site into the browser address, it shows fine.
The index.php file in the root of the site is a redirect, but as mentioned above, it seems to be working fine.
Is there anything I can do from my end, or is this a server issue?
Many thanks
Samuel
I had this happen with a client in the past. If you change your browser ID string to a search engine indexer and visit the homepage, the ad text shows up. It’s a largely silent hack where ad text is only showed to search bot indexers and the normal page is showed for web browsers.
It's also possible that the PHP code that does this is "hidden"; I've seen it embedded using the eval(base64_decode()) functions.
Hi, thanks for the reply:
It’s a largely silent hack where ad text is only showed to search bot indexers and the normal page is showed for web browsers.
Seems to be whats happening here, how do I go about correcting this?
You’ll either have to restore your PHP files to before the hack occurred, or look at each one individually.
OK, I have checked all PHP scripts and they look fine.
Also changed by MySQL password to something very strong.
Checked all user inputs and used mysql_real_escape_string() and strip_tags() where appropriate.
I’ve resubmitted the url to Google, so hopefully that will help.
If there is something else that will help, please let me know!
Many thanks
To test your page, try this:
https://addons.mozilla.org/en-us/firefox/addon/user-agent-switcher/
and change the browser agent to the google bot. Then visit the page in question.
Don’t forget to change it back to default (or uninstall) when you’re done.
Cool,
thanks for that, I’ve tested it with the Googlebot agent, and looks OK now. Just waiting for Google to re-index the site and hopefully things will be OK.
Many thanks