Well this is the first blog post about something techie. Thought I would mention this issue because it’s the first time something like this has happened to me.

For those that don’t know, I do websites and am fortunate to get paid for it!

I had a site go down – falconhealthcare.co.uk. When visited, it was just a blank page and I couldn’t FTP in. I checked the hosting company for any issues and they reported a performance issue on the servers. I gave it some time, but still nothing happened.

To see if it would help, I re-uploaded the index.php file of the site, which was running on Drupal CMS. Huzzah! The site was working again. I was about to go back to playing on Facebook, when I thought I’d just check some of the site’s links were working ok. Suddenly I was being redirected to allvideo.org.uk – a very nasty site that has lots of malware and other evils. Needless to say I gave a huge WTF?! and was very, very confused.

As if you didn’t already know: Google is your friend. It was mine too as a search produced this post by Tony Geer that explained everything. Reading it I discovered that sure enough, my .htaccess file had been altered and I’m guessing so had my index.php. Fortunately the addition to the index.php file had knackered the site good and proper, preventing any innocent users from being hijacked.

I sorted out the site, upgraded the Drupal core and changed the password for ftp. Was this all linked to the ‘server issues’ Heart Internet were having? Who knows. I have reported it to them, so we’ll see what, if anything, they have to say on the matter.

And thanks Tony, you da man.

Update: Heart Internet have suggested that it’s a PC virus that intercepts usernames and passwords and uploads the dodgy content. They helpfully pointed out it was the Gumblar virus. Hmmm, I smell a cover up. Why? Because I use a Mac and I’m the only one with FTP access! Perhaps this issue is a bit closer to home than Heart Internet realise or want to admit.