Well this is the first blog post about something techie. Thought I would mention this issue because it’s the first time something like this has happened to me.
For those that don’t know, I do websites and am fortunate to get paid for it!
I had a site go down – falconhealthcare.co.uk. When visited, it was just a blank page and I couldn’t FTP in. I checked the hosting company for any issues and they reported a performance issue on the servers. I gave it some time, but still nothing happened.
To see if it would help, I re-uploaded the index.php file of the site, which was running on Drupal CMS. Huzzah! The site was working again. I was about to go back to playing on Facebook, when I thought I’d just check some of the site’s links were working ok. Suddenly I was being redirected to allvideo.org.uk – a very nasty site that has lots of malware and other evils. Needless to say I gave a huge WTF?! and was very, very confused.
As if you didn’t already know: Google is your friend. It was mine too as a search produced this post by Tony Geer that explained everything. Reading it I discovered that sure enough, my .htaccess file had been altered and I’m guessing so had my index.php. Fortunately the addition to the index.php file had knackered the site good and proper, preventing any innocent users from being hijacked.
I sorted out the site, upgraded the Drupal core and changed the password for ftp. Was this all linked to the ‘server issues’ Heart Internet were having? Who knows. I have reported it to them, so we’ll see what, if anything, they have to say on the matter.
And thanks Tony, you da man.
Update: Heart Internet have suggested that it’s a PC virus that intercepts usernames and passwords and uploads the dodgy content. They helpfully pointed out it was the Gumblar virus. Hmmm, I smell a cover up. Why? Because I use a Mac and I’m the only one with FTP access! Perhaps this issue is a bit closer to home than Heart Internet realise or want to admit.
Subscribe by RSS
Hi,
My WordPress installs across a couple of accounts with Heart Internet look to have being hacked.
All redirecting to allvideo.org
It is so annoying that I have to clean it all up now. I have contacted HI and see what they have to say.
Hello,
I have a Heart reseller account and I am pretty sure that 3 of my client sites have been hacked.
I too am on a Mac using very good passwords and my computers are encrypted. I challenged Heart Internet about this and they told me the password had been compromised, a short while ago the started locking ftp accounts so now you have to go the portal before hand. I think something is going on here…..
David Lee
Haha nice! Great Work. Check out my san andreas.
bebo is in dire will need of much more bandwidth, its genuinely just like the only matter that I dislike in regards to the internet site.
The same problem on Heart Internet. I had couple of accounts hacked. I didn’t give anybody ftp passwords, I don’t store them anywhere. Clean, up-to-date secured Drupal site. So HeartInternet has been compromised. They have kind of perl CGI scripts, which they could be executed with some dirty commands.
Used to work for Heart Internet. Hacking into their sites is easy and a big problem for them. It will cost them to fix all the holes they have, so they always blame every one else and their FTP details blah blah…
Just avoid Heart Internet, their problem won’t be solved any time soon.
I beloved up to you’ll receive carried out right here. The caricature is attractive, your authored material stylish. nevertheless, you command get got an nervousness over that you want be turning in the following. unwell indisputably come further in the past again as exactly the same nearly very continuously within case you shield this hike.
You’re actually a just right webmaster. The site loading pace is amazing. It kind of feels that you’re doing any distinctive trick. Furthermore, The contents are masterwork. you have performed a fantastic task in this topic!