this is an emergency.... someone hacked my site and entire index.php file got changed...and got repalced by a porn site
is it possible or someone logged in and did it intentionally???
its so un-fare and so fuking wrong, i am terribly upset..
plssss plsss guide me how to secure my oxwall site... i never anything wrong with anyone
Leader
4 years ago I got hacked because I installed WordPress and there was a zero day vulnerability, which caused that an automated hacker-bot replaced all my index files adding extra code for redirection to a porn website. This bot scanned all the internet and did the same to hundreds of thousands of websites.
Is your website in a shared hosting, VPS or dedicated? Do you have any other web software or CMS installed? What was the last plugin that you did install on it and when? Are you using Oxwall or Skadate?
Senior Developer.
LeaderThanks everyone, he sent me a PM but i was not here..
Ash, first of all relax and breathe, you will make mistakes if you are too emotional when trying to fix things... relax and we will help you get your site back....
I think he has a dedi and is running cPanel and WHM. He might want to go ahead and run the virus scanner that comes with cPanel at some point to check the files and the environment.
It may be easy to fix, maybe they just replaced one file, the index... However the challenge is learning how they did so by checking the logs.
You are in good hands with Chris_W and SD ash... best of luck... :)
Leader
have u recently added some custom php code or installed custom plugin?I have quite few plugins but i checked all of them deactivating, and none of the one were the reason, also i have stoped using stale old plugins and only using best rated plugins of good developers like Dave, Sr.Developer, Patricia, ArtMedia etc (those who are active in forum and seems genuine)
I had a similar problem a couple of years ago. A rogue employee at the hosting had edited the .htaccess file to redirect to another domain. That would mean he could alter anything else as well.Yes this is what i did, i took the original file from gethub and replaced it to solve it
There are only three ways I know of to change which site opens, the one mentioned above, and someone getting hold of your hosting admin/ftp username and password, and as you said replace some or all of the files. Another way is to access your Oxwall admin and add an html redirect in the custom head code box.
The index.php isn't unique to your site, just put the original one back via ftp. Also check the file date/time on the .htaccess file to make sure it is the original edit.
I can help to fix it, we need more info to know how did they do it to prevent this from happening again. This need a deep inspection, if you want I can take a look at your server to see if I can find out how did they do it.I am using shared hosting of fastcomet sir and installed oxwall from softaculous
4 years ago I got hacked because I installed WordPress and there was a zero day vulnerability, which caused that an automated hacker-bot replaced all my index files adding extra code for redirection to a porn website. This bot scanned all the internet and did the same to hundreds of thousands of websites.
Is your website in a shared hosting, VPS or dedicated? Do you have any other web software or CMS installed? What was the last plugin that you did install on it and when? Are you using Oxwall or Skadate?
Senior Developer.
Sir this site is not on dedi the one as you know. Yes i will try to take their help Chris and SD, as of now just removing all the extra theme and plugins which are of aron which i bought and also getting a site scan running by hosting guysThanks everyone, he sent me a PM but i was not here..
Ash, first of all relax and breathe, you will make mistakes if you are too emotional when trying to fix things... relax and we will help you get your site back....
I think he has a dedi and is running cPanel and WHM. He might want to go ahead and run the virus scanner that comes with cPanel at some point to check the files and the environment.
It may be easy to fix, maybe they just replaced one file, the index... However the challenge is learning how they did so by checking the logs.
You are in good hands with Chris_W and SD ash... best of luck... :)
LeaderIf you indeed got hacked, i would change all your passwords immediately, cpanel, whm, root, ssh, ftp. I believe with cPanel if you change your main password the others are changed automatically, but i could be wrong.
Also change your ssh port to a non standard port in case they are getting in via ssh, use a port number between 1024 and 32,767
I usually use this as a guide and just pick one that i feel is not used that often...
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
just remember to change your login to use that new port number...
Leader
ash i thought you were running a dedicated server, how are you doing all those huge projects on a shared server?Sir i show unlimited times demos to client till they are satisfied limited to 100users on shared then shift them on dedicated.
Yes sir, i have changed the passwords, looking on your inputs of these now..If you indeed got hacked, i would change all your passwords immediately, cpanel, whm, root, mysql, ssh, ftp. I believe with cPanel if you change your main password the others are changed automatically, but i could be wrong. Of course SSH and FTP have to be changed manually.
Also change your ssh port to a non standard port in case they are getting in via ssh, use a port number between 1024 and 32,767
I usually use this as a guide and just pick one that i feel is not used that often...
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
just remember to change your login to use that new port number...
Yes his plugins are the biggest junk, i took risk everytime buying and then half of them i had to claim money back on paypall, becasue no options but to use since no same alternative available in store... i pray to god that you guys pls make arons alternate plugins...Oh ok...
Well thats one of your problems right there, using arons old plugins, they are very insecure.
his plugins not even getting deleted after uninstall... its just like leech sucking my blood
Leader
okin time i feel someone will make new plugins...
i did edit your post i replaced the c... word with the word junk :) (profanity policy)
Also SD is better at the current backend server processes than i am... he can help you more there... :)
Leader
Leader
