hoppers69
09-26-2008, 12:34 AM
Hi there,
New to the boards but have been using PP for the past 3 years. I am currently on 1.4.3 (and need to upgrade I know).
Long story short is the past month or two I have been getting a ton of comment spam and was going to upgrade...then today I go to my photoblog to find out it now auto redirects to a p0rn site (3movievideoclip etc etc).
I realize this is not security of PP but with my hosting provider (I have a ticket open with them to find out who and when it got hacked) but I am wondering what to do about getting my site to not redirect.
I checked on my index.php in the /root directory and it is the same as the one from years ago I used originally so it doesnt have any malicius code in there...and checked my pixelpost.php under /includes folder and it is also fine. I searched these forums and see that sometimes these files are hacked, but mine currently are not.
So question - is this somewhere repointing in my PHP database? Im not a SQL or PHP whiz but I can used PHPMyAdmin to get around and looked at my _config tables etc and dont see this domain repointed in there.
So where are these wannabe hackers doing this anyway? I can get to the root .com of my site fine, its just my PP page is the repointed one to the p0rn site. I suppose these kiddie hackers used a password generator possibly on my admin page until they figured out my password? Not sure, but that is what I assume.
I also realize I need to change my FTP and PHP passwords. I see that the hackers put a z.htm" file in my images folder that says I "was owned by owned by sponsb.obsp (at) yahoo.com of ayuncrew (DOT)com etc etc". I deleted that .htm file, but dont know if they put any other files in my subfolders.
Any help would be appreciated, I love PixelPost and once I get this fixed I am going to upgrade to PP 1.7.1 and make sure I have strong and secure passwords for sure.
Thanks,
-Matt H
New to the boards but have been using PP for the past 3 years. I am currently on 1.4.3 (and need to upgrade I know).
Long story short is the past month or two I have been getting a ton of comment spam and was going to upgrade...then today I go to my photoblog to find out it now auto redirects to a p0rn site (3movievideoclip etc etc).
I realize this is not security of PP but with my hosting provider (I have a ticket open with them to find out who and when it got hacked) but I am wondering what to do about getting my site to not redirect.
I checked on my index.php in the /root directory and it is the same as the one from years ago I used originally so it doesnt have any malicius code in there...and checked my pixelpost.php under /includes folder and it is also fine. I searched these forums and see that sometimes these files are hacked, but mine currently are not.
So question - is this somewhere repointing in my PHP database? Im not a SQL or PHP whiz but I can used PHPMyAdmin to get around and looked at my _config tables etc and dont see this domain repointed in there.
So where are these wannabe hackers doing this anyway? I can get to the root .com of my site fine, its just my PP page is the repointed one to the p0rn site. I suppose these kiddie hackers used a password generator possibly on my admin page until they figured out my password? Not sure, but that is what I assume.
I also realize I need to change my FTP and PHP passwords. I see that the hackers put a z.htm" file in my images folder that says I "was owned by owned by sponsb.obsp (at) yahoo.com of ayuncrew (DOT)com etc etc". I deleted that .htm file, but dont know if they put any other files in my subfolders.
Any help would be appreciated, I love PixelPost and once I get this fixed I am going to upgrade to PP 1.7.1 and make sure I have strong and secure passwords for sure.
Thanks,
-Matt H