CMS Made Simple Forums

Hi all.
My site was hacked, after that I saw many spammy links in header and body of my site... (admin panel too)
I clean up index.php, include.php and some other files, also I find some kind of "web browser" in my postlet folder - deleted and closed via .htaccess.
But links still there

I know that ver. is old and now i'm planning to upgrade it.
I have no backups and my data is very important, i can't just delete all.

Help pls


Janny.

I have no backups and my data is very important

How could you...lesson learned I would say (I know... it's sarcastic... but if you have important stuff... back it up!)

Ok, back to your problem:

I had someting like this with a static old site i nearly forgot about... I do not know how... but they got in it via FTP (luckily only a limited account), spammed each folder with tons of HTML pages that where full of pills, porn and poker links. Then they pasted html into my pages that refered to these created pages and external ones... of whcih the links looked pretty much like what I got). It was as if a bot just grabbed every file and pasted links to these files into the code. I guess this is how you push your ranking results in the 3P Business.

Cleaning was ok for me since I only had 3 static pages... have you looked into your database, probably they left that out? what is the content saying? If your DB is ok and only your files where corrupted, backup DB, flush everything, change all passwords of all accesses (FTP, DB, etc). Reinstall CMSMS and upload your backup to the DB...

I hope that you could find some help...

oh... and you should probably notify your hosting provider and report the incident to the police.

Oh dear... the web is like a big city... being smaller... you could park your car unclosed at night at a dark side-alley. But now you carry around a whole garage with you, so your car doesn't get hijacked while you drive on the highway during day.

Best
Nils

Hey friends its so stupid they hacks our sites every day, last week they hack 2 my sms made sites. Today they hacked onother. Its bad game they hack us, and we stay and just backup, dellete stupid spam, porn, pills HTML pages and ahve noting to do. I have strong security and agayn index.php has hacked.
stupid game...

Here there are a few steps if you have not hija in DB


Alby

Hi,
thanks all for help, problem solved
db was uncorrupted, just reupload index.php and inlude.php, after that my old ver. became clean from spam.
but i'm renew version (clean install).

lesson learned, you r right, nhaack.
nah police that was my fault, now i will be check for updates

thanks again,
Jenny.

how are you shoure that they can hack your site tomorow? Yes you replace today index.php but they can hack you tomorrow.
What is the problem with index.php does anybody know?

toto wrote: how are you shoure that they can hack your site tomorow? Yes you replace today index.php but they can hack you tomorrow.
What is the problem with index.php does anybody know?

Yes if you have bad scripts in files or DB.
Here is the importance of a good cleaning ...

Alby

alby wrote: Here is the importance of a good cleaning ...

And preventive hardening. A webserver has locks, just use them. And stay uptodate (1.4.1 today).

Pierre

Thank you Alby, what do you mean bad scripts or DB?

toto wrote: Thank you Alby, what do you mean bad scripts or DB?

ex: index.php or include.php hacked or iframe tag in template DB
all codes not your ...

Alby