Website Main Page Hijacked? (For Lack Of A Better Word)

[us24meter]

I have no web experience tho just went thru some of the tutorials here and I do have programming experience so not completely unfamiliar. The website for our sailing class association has been corrupted / hijacked and now when I do a Google or Bing (only ones I've tried) search, the main page comes up as a commerce site, (in Spanish), for clothes. If I type the web address directly it is fine.

 

How do I correct this and prevent it from happening again?

 

thx in advance!

T

[falkencreative]

Perhaps you can provide a link to the site, and the search terms you are using so we can replicate the issue?

[us24meter]

Thanks Ben!

I wasn't sure I could do that...

 

us24meter.org if you Google that the top page is redirected to a clothing site

if I type the URL in directly it shows up just fine...

[falkencreative]

According to http://sitecheck.sucuri.net/results/us24meter.org, it looks like your website has caught some malware -- specifically, a line of Javascript that is causing the redirection. I'd suggest checking all the website files for:

 

<script>window.location.href="http://www.chaquetas-espana.com/"</script>

 

and removing any instances you find (or search just for "chaquetas-espana.com"). If you have trouble, or can't find it yourself, I'd suggest contacting your host, linking them to the above site check link, and seeing if they can help.

[us24meter]

Thanks Ben! I'll have a look. Also, how to protect from future infestations?

[kralcx]

Thanks Ben! I'll have a look. Also, how to protect from future infestations?

if this has happened to you before you may want to try a different web hosting company

[us24meter]

So my page was infected on the host server? The host company ran a scan and gave a report of the infected files, these were cleaned up and reloaded but the problem remains. How do I debug this without having Dreamweaver (what the page was built using). Or what can I setup to copy and run our page from my machine. This is basically a one hit wonder. I don't need to become a guru or spend a lot of $, just want a basic site that displays properly, is safe and secure etc. thz

[kralcx]

once you place your website on a web hosting platform there is not much else you can do to protect yourself. That is why you should find a good web host so hopefully these types of attacks will be very few or none.

 

of course it goes without saying that your website should be properly coded (e.g. javascript, php,etc.)

[us24meter]

Are there any web host ratings? How do I know what host companies are good?

[kralcx]

Virtually all the web hosting companies will say they are the best. So just ask around; people whose opinions you trust.

 

If this helps I have used hostgator in the past with no problems and I currently use hostmantis without any problems.

[us24meter]

We're on Ready Hosting... Was initially set up by someone waaaaayyy more web savvy than i

[Andrea]

Since we don't really know how they got in, it's hard to say. I've had a website attacked via an older version of zenphoto. Vulnerabilities in php or script files are another way to get attacked. However, it can very well be an issue on the host's site. I've had one site attacked several times, and it wasn't anything within the site itself. The host kept blaming my password, which by then was about as hackproof as it can get. I finally moved to a new host. Now I'm using iPage and haven't had a problem since.