Thread ID: 108750 2010-04-10 03:25:00 Trouble with my personal webspace kirkmc (15074) Press F1
Post ID Timestamp Content User
874794 2010-04-10 22:33:00 Hi Kirk,

Tried to access the site this morning and got blocked. Just a thought, and knowing you have changed your password to highest rating, there's nothing being transferred from your computer to the site? Don't know whether it's possible that there's something hiding in your comp? Have you done all the usual scans lately?
SP8's (9836)
874795 2010-04-11 02:24:00 I think the comp this end is OK - did a scan with the latest AVG and all OK and yes, password has been changed.

Those extra script lines that must be the problem are being added to the html files after they leave here.

Just had a thought - is it possible to set the files there to read only? And would that prevent anyone adding anything to them? I'm going to change the attributes here, then upload that file and see if still gets infected.

I've also found how to edit the files online which makes it a bit quicker/easier but I don't know what sets wheels in motion (that results in this 'Attack warning') or how long I have to fix things.
kirkmc (15074)
874796 2010-04-11 02:50:00 Upload a clean set, check the timestamps.
When the files get altered on the site, the timestamps should change.
Get Orcon to check the access logs for that time.
fred_fish (15241)
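The check fred_fish describes, as an added example that is not part of the thread: compare the clean local set with a copy pulled back from the host and report which files changed, the modification time to quote when asking for the access logs, and the lines that were added. The directory layout, the `find_altered` helper and the sample page are assumptions, and the mirror is assumed to preserve the server's modification times.

```python
import difflib
import os
import tempfile
from datetime import datetime, timezone
from pathlib import Path


def find_altered(clean_dir: Path, mirror_dir: Path) -> list[dict]:
    """Compare the clean local set with a mirror pulled back from the host."""
    findings = []
    for clean in sorted(clean_dir.rglob("*.htm*")):
        rel = clean.relative_to(clean_dir)
        served = mirror_dir / rel
        # Skip pages missing from the mirror and pages that are byte-identical.
        if not served.exists() or clean.read_bytes() == served.read_bytes():
            continue
        old = clean.read_text(errors="replace").splitlines()
        new = served.read_text(errors="replace").splitlines()
        added = [l[2:].strip() for l in difflib.ndiff(old, new) if l.startswith("+ ")]
        findings.append({
            "file": rel.as_posix(),
            # Modification time to hand to the host for access-log correlation.
            "modified_utc": datetime.fromtimestamp(
                served.stat().st_mtime, tz=timezone.utc).isoformat(),
            "added_lines": added,
            "script_added": any("<script" in l.lower() for l in added),
        })
    return findings


def demo() -> list[dict]:
    """Constructed sample: one untouched page, one with an extra script line."""
    root = Path(tempfile.mkdtemp())
    clean, mirror = root / "clean", root / "mirror"
    clean.mkdir()
    mirror.mkdir()
    page = "<html>\n<body>\n<p>Hello</p>\n</body>\n</html>\n"
    for name in ("index.html", "links.html"):
        (clean / name).write_text(page)
        (mirror / name).write_text(page)
    # Constructed placeholder for an appended line; not taken from the thread.
    (mirror / "index.html").write_text(
        page + '<script src="http://injected.example/x.js"></script>\n')
    os.utime(mirror / "index.html", (1270900000, 1270900000))  # constructed mtime
    return find_altered(clean, mirror)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```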
874797 2010-04-11 03:28:00 Hey Dad :)

Don't bother trying Google, Mozilla or Microsoft - at least not yet. Mozilla/Microsoft have nothing to do with it - they just provide the software. Google is correctly marking your site as malicious, because it IS malicious at the moment.

You're uploading your clean HTML files to Orcon, who are (apparently) hosting them for you. First, Orcon are RIDICULOUSLY unhelpful when it comes to support. Don't get me wrong - I know ISP support teams in general are notoriously condescending and generally unhelpful when dealing with customers, but Orcon really takes the cake in this field. Second, if you're using the free web hosting, there's no chance in hell of getting even a smidgeon of technical support; unless, of course, you're a massive corporate customer funneling money into Orcon's coffers.

I've tried ringing Orcon today in hope of getting one simple question answered - Who controls the computer that serves up kirk.orconhosting.net.nz? Clearly, they can't tell me outside of business hours. Or because anybody using Web Hosting is considered a 'Corporate Client' and must ring a different number. Or because there's only one guy on during weekends, and he doesn't speak English. (Wouldn't surprise me)

I'd ring Orcon (*shudder*) on Monday and ask, you never know - they may actually help. Even male pregnancy (http://www.malepregnancy.com/) is possible...

If Orcon ever decide to come to the party and provide you with an answer to this question, you'll be able to contact that person and go from there.
com64 (15718)
874798 2010-04-11 04:43:00 Do you mean the advertising banner right at the top?

Do you have the free Orcon webhost? They introduced that for the free customers. If you are a paid Orcon customer it won't have the ads.

Edit. I get them on my free Orcon host site too. I am not a paid Orcon customer.
I could open your site. I could open the links, what's the issue?
Nomad (952)
874799 2010-04-11 06:50:00 Fred, that's a darn good idea... will do.
Commander64, so far so good. I hope you're not calling me a malicious corporate identity !!! :)
I will call Orcon on Monday, and even show them this thread.

Thanks to everyone for their input. Nomad, yes it's free Orconhosting with Google ads, which Orcon told me was OK. But see earlier. These extra scripts are not part of the ads. At the moment it's been cleaned and not reinfected (yet) so everything is Ok, as you say.

I'm watching it like a hawk !
Cheers - Kirk
kirkmc (15074)
874800 2010-04-11 07:59:00 Fred, that's a darn good idea... will do.
Commander64, so far so good. I hope you're not calling me a malicious corporate identity !!! :)
I will call Orcon on Monday, and even show them this thread.

Thanks to everyone for their input. Nomad, yes it's free Orconhosting with Google ads, which Orcon told me was OK. But see earlier. These extra scripts are not part of the ads. At the moment it's been cleaned and not reinfected (yet) so everything is Ok, as you say.

I'm watching it like a hawk !
Cheers - Kirk

There's no such thing as a free lunch. As you have said it is a free service, they make no money from it, so I would assume they have no resources to provide personal support for it. If I was you I would use a proper web host, who will provide support, and you can also use your own domain and no ads. Regarding this problem, it is most likely because you have a compromised script/file in your hosting space, that is causing a hacker to upload through it, or Orcon's server is compromised, but if that was the case their other customers would also be affected. The other reason would be because the hackers have got your FTP login details. I would change your login details first.
robbyp (2751)
874801 2010-04-11 09:12:00 I second that motion! You would have had this problem resolved the first time it happened if you were using a real service. Ditch the Orcon freebie and fork out $5 a month for a cheap couple of gig. Or install Apache :) I'm sure you'd *really* enjoy that!

www.kiwiwebhost.co.nz/ offers 10MB space and 1GB traffic for $1 a week, or 100MB/4GB for $15/month...

Login details won't be the cause here robbyp :-

I think the comp this end is OK - did a scan with the latest AVG and all OK and yes, password has been changed.


Commander64, so far so good.

Yes. Yes definitely. That's what it means. Nice catch there! :punk


I will call Orcon on Monday

Yeah good luck with that...
com64 (15718)
874802 2010-04-11 09:30:00 Thank you all, but I'm quite happy with what I have...when it's not hacked into !

I don't really consider it all that free - I pay Orcon about $120 a month and presumably they get some kind of revenue from the ads.

Actually it was no good for file transfers outside NZ, everybody complained it went so slow, things timed out ! So now there's just links to a UK Server.

But as it's free, no real complaints. And even if they weren't much help at least they answered the phone - and spoke English :)

Cheers - Kirk
kirkmc (15074)
874803 2010-04-11 10:53:00 I second that motion! You would have had this problem resolved the first time it happened if you were using a real service. Ditch the Orcon freebie and fork out $5 a month for a cheap couple of gig. Or install Apache :) I'm sure you'd *really* enjoy that!

www.kiwiwebhost.co.nz/ offers 10MB space and 1GB traffic for $1 a week, or 100MB/4GB for $15/month...

Login details won't be the cause here robbyp :-

Yes. Yes definitely. That's what it means. Nice catch there! :punk

Yeah good luck with that...

There are better value hosting plans around from NZ hosting providers. Funnily enough, the company you refer to is now owned by Orcon!

They have said they have changed the password, but haven't said what password they changed. They need to change their FTP password in Orcon's hosting control panel.
robbyp (2751)