XF 1.4 My forum is being attacked by malware time and again

garry420

Active member
Hello All,

Please guide me . my forum is attacked by malware second time.
I got malware removed twice and again its back.
when i search for some keyword and i see my website in search results but when i click on it , it redirects me to some other website.
Website - http://www.indiasforum.com/

Thanks
 
Well, we shouldn't really have a possibly infected site being shown to us.

Best to first rule out that the server/forum is infected, not your computer. If it's your website, if you're using shared hosting you should contact your provider and if it's a dedicated server/VPS you should get a sysadmin to take a look. If it's your computer, head over to G2G or Bleeping Computer and get your PC disinfected.
 
  • Like
Reactions: HWS
Well, we shouldn't really have a possibly infected site being shown to us.

Best to first rule out that the server/forum is infected, not your computer. If it's your website, if you're using shared hosting you should contact your provider and if it's a dedicated server/VPS you should get a sysadmin to take a look. If it's your computer, head over to G2G or Bleeping Computer and get your PC disinfected.
no idea here it shows as well https://sitecheck.sucuri.net/results/indiasforum.com
 
Are you running WordPress on your site? If so, then you need to keep it up to date along with the add-ons.

EDIT:
Looks like you are... and that's your most likely avenue of intrusion.
 
Last edited:
You need to investigate the plugins you use on the WordPress site. Almost always when I've seen something like this the manner of intrusion has been due to WordPress.
The fact you are on shared hosting opens you up to other so-called admins of sites on it that haven't updated and if the hosting provider is not pro-active it can effect other sites on the server that belong to other clients. Just one more reason I will never use shared hosting provider again.
 
You need to investigate the plugins you use on the WordPress site. Almost always when I've seen something like this the manner of intrusion has been due to WordPress.
The fact you are on shared hosting opens you up to other so-called admins of sites on it that haven't updated and if the hosting provider is not pro-active it can effect other sites on the server that belong to other clients. Just one more reason I will never use shared hosting provider again.
Can VPS Solve this problem ?
 
Can VPS Solve this problem ?
VPS would (if using KVM) usually minimize that issue of others on the system impacting your site.
The issue remains that most likely you are using a poorly coded add-on that has a security hole in it, or you failed to keep up with the updates of WordPress as they have come out (and the associated add-ons). You need to be checking every other day at the least (I do every day on my WordPress installs) and keeping them updated.
 
Top Bottom