XF 1.0 I have been Hacked..???????? HELP
- Thread starter wickedstangs
- Start date
MGSteve
Well-known member
Yup, I'm on CentOS myself and was on it with a previous host too.
EasyTarget
Well-known member
I use KnownHost managed VPS. Fast and very good customer service. Not the cheapest, but they have 2 datacenters, Texas and California.
Digital Doctor
Well-known member
ummm ...
can't you upload some index.html to the HTML root and get rid of this message ?
At least until the backup is complete ?
can't you upload some index.html to the HTML root and get rid of this message ?
At least until the backup is complete ?
wickedstangs
Well-known member
kkm323 just informed me that the site can be seen at http://www.wickedstangs.com/community/forum/
Digital Doctor
Well-known member
I have a file called index.html
and I upload a .jpg file with a "We are working on the site, Thanks for your patience" message.
and I guy with a hard hat in the picture.
Code:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC
"-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>WickedStangs - coming soon </title>
</head>
<body>
<img src="underconstruction.jpg" alt="Under Construction" />
</body>
</html>and I upload a .jpg file with a "We are working on the site, Thanks for your patience" message.
and I guy with a hard hat in the picture.
Digital Doctor
Well-known member
Yea. works for me now too.
But.
http://wickedstangs.com/community/
still shows the compromised image !
kkm323
Well-known member
I think the hacker change his .htaccess file, is good to update it
wickedstangs
Well-known member
Deleted the index.htm files and looks like the site is up now.. My .htaccess file does not look like yours..
kkm323
Well-known member
that's not mine is the one that comes with xf
this file is for the Friendly URLs if you have enable otherwise is better to delete the file until you solve the problem.
if use change from [htaccess.txt] to [.htaccess]
kkm323
Well-known member
press ctrl+f5 in your site 
running fine now.
the problem is not solved yet you have to look for the injected file. Otherwise he/she is going to do the same thing over and over again. Do an entire scan for all files in your website. Also disallowed the upload of php files or html
best regard
running fine now.the problem is not solved yet you have to look for the injected file. Otherwise he/she is going to do the same thing over and over again. Do an entire scan for all files in your website. Also disallowed the upload of php files or html
best regard
Digital Doctor
Well-known member
When I press control+F5press ctrl+f5 in your site
http://wickedstangs.com/community/
looks as it should.
kkm323
Well-known member
The entire site is working now.. try hard refresh twice.. it should work
Digital Doctor
Well-known member
wickedstangs
Well-known member
How can I fix my .htaccess file? In my other accounts? Can I just delete them?
wickedstangs
Well-known member
this does not look right??
Code:
# -FrontPage-
IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*
a legacy reborn
Well-known member
I use KnownHost and have to say that they are amazing
. WiredTree would be better but only if you are willing to spend a bit more.Similar threads
- Suggestion
- Question
