Website hacked any advise?

Status
Not open for further replies.
#1
Well it has been a long time since we visited the forum but we are having problems with our website and at a loss as what to do, when I had a light bulb moment and remembered all the past advice received from the Statcounter forum. So thought it was worth a shot to see if any of you have any advise on how to clear the hacker who has now infested our website and seems to have locked us out of our cpanel. The web address is www.hippyclothingukatg4u.com .Any help gratefully received!
 

Car Guy

Super Moderator
#2
I've been fortunate not to have to deal with this myself.

You'll have to contact your web host and have then re-issue you a new user and password.

Then delete everything in the public directory and upload your site again.
 
#3
I don't see evidence of hacking in Google's index.

As Car Guy said get your hoster to change the password on your site.

Scan your own computer with a good anti-virus program as well as with Malwarebytes.

Make sure your FTP program is secure. Filezilla is better than many others.

Add and verify your website (all 4 variants: www and non-www, http and https) to Google Search Console:
https://www.google.com/webmasters/tools/home?hl=en

You would have to create a Google account if you don't have one.

Your site has a problem. When you request the robots.txt file it 301 redirects to http://www.hippyclothingukatg4u.com/robots.txt/ which subsequently responds with 404. This should not be happening. If you d not have a robots.txt file the immediate response should be 404, not a redirection.

However it would be beneficial to have a robots.txt file even if you block nothing in it:

Code:
User-agent: *
Disallow:

The https version works with no warning except the pages are dsplayed without style. You need to 301 redirect all https requests to the corresponding http urls unless you want to convert your site to https - then you'd also need to fix the markup so everything included is on https. In any case you need to 301 redirect from teh version you don't want to the one you want.

See https://faqhowto.info/only-validation/301-redirect-https-to-http-or-viceversa-on-apache-server/

Check your Webmaster Tools account for any messages indicating either a hack or spam or any other possible issues. Check for all variants of the site.
 
#4
Also you omitted the trailing slash in much of your internal navigation which results in a 301 redirection to add the trailing slash at every step. You should fix that.
 
#5
It is not good for your website. you need to remove your website in hosting and server panel. Don't upload you hacked website data. if you have Last backup (Not Hacked) upload this website in hosting server. I also suggest you to purchase ssl certificate for security for your website. you will purchase here godaddy, hostingraja silconhouse etc.
 
Last edited by a moderator:
#7
I had the same problem
What problem? You had your site hacked? There are 2 types of hacks: malware and spam. Sometimes a spam hack also contains malware.

Using ads from some ad servers may introduce 3rd party malware.

To test to see what kind of hack and to get information on clean up procedures you can use the tool https://aw-snap.info/file-viewer/ .

For a Wordpress site you need a plugin like Wordfence.
You need to keep all core WP, plugins and themes updated at all times.

Also to get more help you can visit the Security, Malware and Hacked Sites section in Google's Webmaster Central forum: https://productforums.google.com/forum/#!categories/webmasters/malware--hacked-sites
 
#8
Hi, I was using the following script on my website:

<a href="http:// www .freecounterstat .com" target="_Blank" title="website counter ">visits</a> <script type="text/javascript" src="http:// counter6. statcounterfree. com/private/counter.js?c=91183d1d4332874b9adf65f72f 7261d9"></script>

I was told that there was a malware installed that was redirecting to thegoodplan.ovh or other sites (i.e. doctopdf).
Now I have removed it and the redirect bug is gone.
Any suggestions?

Thank you
 
Last edited by a moderator:
Status
Not open for further replies.
Top