WEBSITE CONTENT

Read my post again. Trust me on this. I have dealt with 5 of these this year

Your point of reference is this: http://safebrowsing.clients.google....l=en-GB&site=http://www.hull-photography.com/

to re-itterate:
the issue is that your site has been flagged as a problem by either firefox, macafee, AVG or google. This relates to a visit made by any of the above a few days ago.

you need to

1. understand what the issue is
2. resolve it
3. secure the site properly
4. contact all of the above when the work is done
5. tough it out, as it can take weeks and months before you roll of the "bad list"

You may even need to consider a different domain for a while
____

Consider this - your server guy may be cluless, your server may need patching, updates, and may need to run different versions of PHP, SQL etc..

You may need to audit directory and script permissions

___

Even when you get rid of the trreat, contact all the relevant organisations to have the site re-assesed, your site may still be flagged for months and months
 
richard i did read your post and really appreciate it

i have been told that what it apparantley was by several of you was malaware so i contacted him and he told me this

as malware is part of a script you need to get rid of the script once this is done then you site will be normal again

as for the second part you said the going back to the domains listed then i will do that but not untill i can guarantee it is safe
as for the other domain richar i havnt got a spare at the moment to use so i am going to have to hope for the best im affraid

thanks richard you have been much help and so has everyone else
 
SSL has nothing to do with it, ind is not needed for a static site

Securing the server and applying the patches is a huge job - to get an indication of the size of the task: http://msdn.microsoft.com/en-us/library/aa302432.aspx

There is more than 1 sort of server, that article only deals with 1 sort, and that stuff is the realm of server tec's who earn £££

Your server guy ought to be able to produce logs which give an explaination of what is happening. Unfortunatally for you, my experience is that what is true and what is in the blurb is often not the same... I was working on a "fully patched server" last week, and its version of PHP was 5 years old! In other words, you sometimes have to "not belive the hype" when a company says "we have fully patched and secure servers"
 
just realised a friend of mine works for the local councill keeping there servers uptdate etc i will get him to look at what i have got and see what he has to say i will show him this post to so he know what to look for inc patches to the server if he can access it

i have the account as a resseller and only use it for personal sites and a few other small ones so nothing major will see what he has to say about the sever if it is better to get rid or not
 
just found out the issue with my site it was copper mine that was causing the problem and this is what my tech guy said


"The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability (milw0rm exploits 8114 & 8115). It is important that all users who run version cpg1.4.20 or older update to this latest version as soon as possible. "

unfortuantley i was running a older version so part my fault anyways atlewast i know the issue now
 
wegotitugetit said:
just found out the issue with my site it was copper mine that was causing the problem and this is what my tech guy said


"The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability (milw0rm exploits 8114 & 8115). It is important that all users who run version cpg1.4.20 or older update to this latest version as soon as possible. "

unfortuantley i was running a older version so part my fault anyways atlewast i know the issue now
Click to expand...

thee are 2 scenario's here...
1. you have weak code, and you need a patch
2. you have weak code, you have been allready exploited, and you need cleaning up, and then you need a patch

Reading up on this exploit, and looking at the fact your website is blacklistes, you are in scenario 2. Upgrading it wont get rid of the problem, i t will just prevent it happening again - you need to hand edit out the bad code, and possibly entries in the data base(usually in the comments), and then upgrade it. Expect to find it in the headder and footer include files, and files like init.php - for both the main copermine pages and the admin sides. Essentially you wil have to open up all the files that are a .php, and spot any bad code

The easiest soloution if your database isnt to big is delet the instal, and the database, and the folder. and re-install it from scratch. If you have a substantial amoount of work in there, then you will need to clean up and patch
 
i recreated the account so it is brand new code richard and brand new install

i have reinstalled coppermine which looks like the suspect with the brand new upto date version so should have no issues and will keep patching it up still learning about this type of thing and a new sql data base too

as fo the other steps to get it up and running again i have done eaxctly what you said and now havbe to wait and firefox lets me use my site with no issues now
 
You must log in or register to reply here.
Back
Top