lu Posted February 14, 2009 Report Share Posted February 14, 2009 Twice someone has uploaded a whole directory onto my webserver under my websites address. I found it the first time by accident - deleted the folder they had created and changed my passwords. That was 1 month ago. Yesterday I found out they had uploaded another folder. I deleted it, changed my passwords and contacted my host. They said they couldn' t do anything about it - is this right? Someone can just upload pages to my website and I can't stop them? The real problem is my website is family friendly - and the pages they uploaded were all gaming cheats or adult content. The pages they uploaded are now in the Google index and I can't delete them - tried and Google won't allow it since other pages are now linking to them. The pages don't exist anymore and they pull up a 404. I'm using Expression Web - anyone have an idea how to stop this? Quote Link to comment Share on other sites More sharing options...
jlhaslip Posted February 14, 2009 Report Share Posted February 14, 2009 Change Hosts. They appear to have security issues. And what sort of site are you running? a PHP based site that includes an upload script? Check the code for vulnerabilities. Quote Link to comment Share on other sites More sharing options...
falkencreative Posted February 14, 2009 Report Share Posted February 14, 2009 Someone can just upload pages to my website and I can't stop them? If your site is insecure or someone managed to figure out your password, no, you can't stop them. Sounds like you did the correct first step by changing your passwords, and hopefully that will take care of the problem. Are you using any sort of content management system? If so, have you changed the password on that? Remember that a secure password uses a mix of letters (both uppercase and lowercase), numbers and symbols, and defintely don't use anything from the dictionary, since that is pretty easy to crack. Quote Link to comment Share on other sites More sharing options...
sjhwebdesign Posted February 14, 2009 Report Share Posted February 14, 2009 to remove from google add this to .htaccess; Redirect theredir/theirpage.htm http://www.yoursite.com/yourpage.htm'>http://www.yoursite.com/yourpage.htm (one for each page ) Redirect theredir/ http://www.yoursite.com/yourpage.htm (one for each dir) This will look for people entering the offending url and redirect them to your site. I'm not sure how to remove from google cache if they wont do it for you. You should delete your cookies etc from your pc, your could have a tracking cookie/virus which has got hold of your ftp settings. Quote Link to comment Share on other sites More sharing options...
jlhaslip Posted February 14, 2009 Report Share Posted February 14, 2009 Another thing you could do is re-direct the nasty pages to Google.com using a 301 redirect so Google and other Bots knows that it is permanent. Often these re-directs can be managed from a module inside your Control Panel so you do not need to get your hands dirty with code. Additionally, (if your Host allows), create a 404 Error page that lists your site Index or does a meta re-direct to your Index page. Quote Link to comment Share on other sites More sharing options...
lu Posted February 15, 2009 Author Report Share Posted February 15, 2009 Thanks for all of your suggestions. I'm working on putting most of them into practice. Lu Quote Link to comment Share on other sites More sharing options...
Guest ethenhunt00 Posted March 4, 2009 Report Share Posted March 4, 2009 (edited) one thing i would like to suggest is got to google webmaster tool.. go to google , search webmaster tool, you will get the google webmaster url.. go there inform them that you want to remove your pages .. and do it... after your request send.. it will be implemented after 3-4 days .. and page from cache also deleted.... Edited March 4, 2009 by ethenhunt00 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.