FastWebHost Support, Contact & Help Desk. Submit a ticket

Knowledgebase

(60)Pre-Sales (1)Getting Started (32)Domain and DNS (102)Website Hosting (10)Reseller Hosting (108)Email Help (15)Billing Manager (7)Affiliate Program (10)Windows Hosting (8)Wordpress Tutorials (10)VPS Tutorials (12)Billing Manager for FastWebHost.in (8)SiteLock (2)CloudFlare (1)Managed WordPress

Knowledgebase: Website Hosting > Technical Questions

Reporting Site Attack Posted by Aditya K, Last modified by Rupi Singh on 22 July 2015 12:20 AM
This is a concern to many of us Hosters and after some in-depth research, it would seem the most likely cause is that your personal computer is infected. Strange as that may sound, hackers are using a variation of Trojans to infect personal computers and then use your own FTP login information, to change the Index page and/or other targeted pages on your own site. Therefore we request you to scan your computer with a good anti-virus for infected files. Also use Internet protection tools. if you don't, you can have computer checked for viruses for free - using the free HouseCall from TrendMicro (http://housecall.trendmicro.com/). They are a very respected company when dealing with Virus related problems. You can feel secure in using their HouseCall program to access/clean your computer. Once you done that please delete files under public_html and upload them again. Steps to follow: Step 1: Install a new anti-virus program. Obviously this virus knows how to evade detection of the current anti-virus. It doesn't matter what's being used currently, you have to install something different. Step 2: Login to your control and change your FTP password. Write it down at this point DO NOT ACCESS YOUR SITE with FTP until you finish all of these steps. Step 3: Scan and clean every PC that has FTP access to your site. This is also a must. Otherwise you have no idea who's PC it is. Do not give the new FTP passwords to anyone until after you have finished all of these steps. Step 4: Remove the malicious code from your webpages. If you have a known good back-up, use that. If not, download your site (yes you'll have to type in the new password, but hopefully you're already scanned and cleaned your PC). Then open each file in your HTML editor and find the infectious code. This particular malscript usually hides immediately after the opening body tag, but we've also seen it at the end of files. You'll have to check every file on your website not just index files or just html files. Check every file on your website even .js and .css files. Step 5: Change your FTP passwords again. Step 6: Please request a delisting through your Google Webmaster account. This is not something that Team of FastWebHost can do for you. The excerpt below was copied from Google, and gives you step by step instructions to request a delisting. http://www.google.com/support/webmasters/bin/answer.py?answer=45432 Once you have reviewed your site and are sure it is clean, you can can submit a request for review. Note, you will need to verify site ownership before you can request a site review. Sign in to Webmaster Tools with your Google account. On the Dashboard, select the site you want. On the Overview page, click Request a review and follow the instructions. Then you should have that issue again. This is not the result of a faulty script or weak FTP passwords. It's the result of a virus on PC with FTP access to the infected website

Comments (1)

deepak kumar

14 August 2016 01:17 AM

corrected

Post a new comment Reply to comment
Post a new comment Reply to comment

Full Name:
Email:
Comments:

CAPTCHA Verification
CAPTCHA Verification

Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).

Help Desk Software by Kayako