Contractor Talk - Professional Construction and Remodeling Forum banner
1 - 20 of 71 Posts

·
GC/carpenter
Joined
·
43,916 Posts
Discussion Starter · #1 ·
Checked out my site today to find out it became a Syrian rebel anti-American website! I was hacked. I'm now in damage control to find out how many prospects have seen that chit.
 

·
Administrator
Maker of Fine Sawdust
Joined
·
55,685 Posts
Just reload it. You do have all your files backed up....right? Should take less than a few hours.

Oh ya, and change your password.
 

·
Super Moderator
Joined
·
28,886 Posts
Let's go screw up some Syrians...
 

·
GC/carpenter
Joined
·
43,916 Posts
Discussion Starter · #6 ·
Well I was just sitting there getting my oil changed and decided to check if my newly written content was posted yet. Bam it's says you effen Americans need to get the Phuck out of Syria. Death to All Americans! Of course I called my webhost and they shut it down. They are going to install updated security plugins. So I'm sitting without a website. Thing is I've given 3 or 4 bids in the last few days and of course I said "always feel free to visit my website for some ideas" Doh! Chit! So do I call them and explain?
 

·
Administrator
Maker of Fine Sawdust
Joined
·
55,685 Posts
Call or email them. How long do you think you were an anti American website? Do you have a tracking system? Maybe you could find the IP of the people who did this and have it blocked. Maybe even block IPs not in the US
 

·
Administrator
Maker of Fine Sawdust
Joined
·
55,685 Posts
Just did a complete backup of my website. Who said FTP software is old fashion?
 

·
Registered
Design/Build Remodeling
Joined
·
6,590 Posts
Hasn’t it always been a Syrian rebel – anti-American website? :laughing: It comes-up “forbidden” cause the NSA is on to him :laughing:

Sorry Mike – that really sucks – but I got no help for you – other than just smile – there’s worst things in life than being labeled as a terrorist :thumbsup:
 

·
GC/carpenter
Joined
·
43,916 Posts
Discussion Starter · #10 ·
I get some very frail elderly people who are just learning how to navigate. They are not going to know what that was all about, accept they want nothing to do with MLW Construction!
 

·
Registered
Design/Build Remodeling
Joined
·
6,590 Posts
Well I was just sitting there getting my oil changed and decided to check if my newly written content was posted yet. Bam it's says you effen Americans need to get the Phuck out of Syria. Death to All Americans! Of course I called my webhost and they shut it down. They are going to install updated security plugins. So I'm sitting without a website. Thing is I've given 3 or 4 bids in the last few days and of course I said "always feel free to visit my website for some ideas" Doh! Chit! So do I call them and explain?
It might be something to use to your advantage. Call explain why you’re calling… “And by the way, have you signed the agreement and written a check yet? I like it. I may turn my site into a Syrian militant site for a day :laughing:
 

·
Super Moderator
Joined
·
28,886 Posts
I don't know how the old folks are in California, but they wouldn't believe that website was yours here.
 

·
GC/carpenter
Joined
·
43,916 Posts
Discussion Starter · #13 ·
Last I heard we gave the Syrians a pass thanks to Vladimir Putin. So were not even in there. However, I'm sure there's more to it then they are telling me. :laughing:
 

·
Registered
Joined
·
529 Posts
Checked out my site today to find out it became a Syrian rebel anti-American website! I was hacked. I'm now in damage control to find out how many prospects have seen that chit.
I would first scan your local machine and any other machine used to access your website (admin panel) or FTP or Cpanel for viruses and malware and then would immediately change all passwords.

Have your host make sure your Timthumb.php is up-to-date, they will know what it is, it's a common area of intrusion on a WP site.

Then I would ask your host if they can employ host access control on your account (they might not be able to if you have shared hosting) which can limit control panel access via IP address, it works very well to keep baddies out of most areas where they can do damage.
 
  • Like
Reactions: Calidecks

·
GC/carpenter
Joined
·
43,916 Posts
Discussion Starter · #16 ·
carlsore said:
I would first scan your local machine and any other machine used to access your website (admin panel) or FTP or Cpanel for viruses and malware and then would immediately change all passwords. Have your host make sure your Timthumb.php is up-to-date, they will know what it is, it's a common area of intrusion on a WP site. Then I would ask your host if they can employ host access control on your account (they might not be able to if you have shared hosting) which can limit control panel access via IP address, it works very well to keep baddies out of most areas where they can do damage.
The only time I've accessed my admin panel was on my ipad
 

·
Registered
Joined
·
529 Posts
The only time I've accessed my admin panel was on my ipad
Who else has accessed it?

Who has FTP access?

Who has Cpanel access?

Has your webhost checked your .htaccess file? If it's an .htaccess injection there could be a big mess to cleanup.

By the sounds of it though you were only defaced which is malicious but not usually destructive. See what your host says.

This thread is the exact reason we pay top $ for dedicated hosting and backup systems with technicians on call 24/7/365. I am sorry you have to go through this.
 

·
GC/carpenter
Joined
·
43,916 Posts
Discussion Starter · #18 ·
carlsore said:
Who else has accessed it? Who has FTP access? Who has Cpanel access? Has your webhost checked your .htaccess file? If it's an .htaccess injection there could be a big mess to cleanup. By the sounds of it though you were only defaced which is malicious but not usually destructive. See what your host says. This thread is the exact reason we pay top $ for dedicated hosting and backup systems with technicians on call 24/7/365. I am sorry you have to go through this.
I'm pretty sure my webhost is on top of it, I'm also pretty sure they have my site backed up as well. The owner of the webhosting company lives across the street from me. It's a company called LunarPages. I talked to their tech guys and they didn't seem to be too worried. Thanks for the advice!
 

·
Registered
Joined
·
529 Posts
I'm pretty sure my webhost is on top of it. I talked to their tech guys and they didn't seem to be too worried. Thanks for the advice!
Cool! Many hosting companies leave it up to the customer to take care of backups. Hopefully you are back up and running soon.
 

·
GC/carpenter
Joined
·
43,916 Posts
Discussion Starter · #20 ·
carlsore said:
Cool! Many hosting companies leave it up to the customer to take care of backups. Hopefully you are back up and running soon.
Ok now I'm not sure, is there any way you can check out www.lunarpages.com to see if this is what I have? I have the basic package. Now you have me concerned. But thanks for the help.
 
1 - 20 of 71 Posts
Top