Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@. Skimlinks & other affiliated links are turned on

Search
  • FIRST POST
    • mdonaldson
    • By mdonaldson 5th Aug 18, 12:57 PM
    • 55Posts
    • 4Thanks
    mdonaldson
    Website Redirecting
    • #1
    • 5th Aug 18, 12:57 PM
    Website Redirecting 5th Aug 18 at 12:57 PM
    I have my own website and last night when trying to visit it I was redirected to another website selling watches! I contacted my hosting website and they restored my website from a recent backup and it is now working correctly. I also changed my login password for my hosting websites control panel.

    I take it that my website had been hacked and I was wondering if anyone could give me an explanation of the most likely reasons this happened? Did someone get hold of my password for my hosting website or was there another way it could have been hacked without the need of my password? I have virus scanned my computer and it is clean. I have had the website for 4 years and nothing like this has happened before.
Page 1
    • D_M_E
    • By D_M_E 5th Aug 18, 2:21 PM
    • 1,884 Posts
    • 66,420 Thanks
    D_M_E
    • #2
    • 5th Aug 18, 2:21 PM
    • #2
    • 5th Aug 18, 2:21 PM
    Could be the hosting site has been hacked - there was a report of this a few weeks ago, can't recall which one it was that got hacked.
    • mdonaldson
    • By mdonaldson 5th Aug 18, 8:02 PM
    • 55 Posts
    • 4 Thanks
    mdonaldson
    • #3
    • 5th Aug 18, 8:02 PM
    • #3
    • 5th Aug 18, 8:02 PM
    My hosting site is Smarterasp.net and I can find any details about them being hacked.
    • kwikbreaks
    • By kwikbreaks 5th Aug 18, 8:10 PM
    • 8,936 Posts
    • 4,465 Thanks
    kwikbreaks
    • #4
    • 5th Aug 18, 8:10 PM
    • #4
    • 5th Aug 18, 8:10 PM
    Did you undertake any investigation into what mechanism was being used to redirect your site? Was the other site hosted by the same ISP?
    • Lorian
    • By Lorian 5th Aug 18, 8:13 PM
    • 4,547 Posts
    • 2,607 Thanks
    Lorian
    • #5
    • 5th Aug 18, 8:13 PM
    • #5
    • 5th Aug 18, 8:13 PM
    have you used the same username(email)/password combination anywhere else?

    Check you email address at https://haveibeenpwned.com/ any leaks of your info?

    what is the website written in - is it some content management system?
    • mdonaldson
    • By mdonaldson 5th Aug 18, 8:16 PM
    • 55 Posts
    • 4 Thanks
    mdonaldson
    • #6
    • 5th Aug 18, 8:16 PM
    • #6
    • 5th Aug 18, 8:16 PM
    Sorry, it was very late at night when I noticed and I was in such a panic about it I just deleted the website and got my hosting website to restore it from a backup! I'm kind of kicking myself now for not a least downloading a copy of the website files for analysis after but as I said I was in such a panic about it, having never had anything like this happen in 4 years of having the website!
    • mdonaldson
    • By mdonaldson 5th Aug 18, 8:44 PM
    • 55 Posts
    • 4 Thanks
    mdonaldson
    • #7
    • 5th Aug 18, 8:44 PM
    • #7
    • 5th Aug 18, 8:44 PM
    No, I have not used the same email/password combination anywhere. I have checked the email address I use with the hosting website at haveibeenpwned.com and although there are some breaches, they are just for websites I rarely use. I log into the hosting website with a username. The website is written in c# and ASP.NET.
    • RealGem
    • By RealGem 6th Aug 18, 12:43 PM
    • 284 Posts
    • 118 Thanks
    RealGem
    • #8
    • 6th Aug 18, 12:43 PM
    • #8
    • 6th Aug 18, 12:43 PM
    It needn't be the hosting site that was hacked. It could have been just your site. The hackers use dictionary scripts, so never use any actual words in your password. Google Password Generator to create a long one with obscure numbers letters and symbols.

    If it was a Wordpress site, never use Admin as the admin username. And never have your admin username the same as your Display name. Here's a video on how to change your Wordpress admin Username. https://www.youtube.com/watch?v=ESsysqgp6xw

    And you can also change the Display name in the dashboard area.

    And also use a gobbledegook password for Wordpress. Many WP sites are hacked as they are easy if they have admin as the username and a simple word password, and the hackers don't need to touch anything on the server.
    Last edited by RealGem; 06-08-2018 at 12:59 PM.
    People only get upset
    when their expectations are not met.
    • BaldwinJackson
    • By BaldwinJackson 6th Aug 18, 4:35 PM
    • 1 Posts
    • 0 Thanks
    BaldwinJackson
    • #9
    • 6th Aug 18, 4:35 PM
    • #9
    • 6th Aug 18, 4:35 PM
    Well there are several root cause which can create such issue like there was simple malware which infected your website by redirecting your website to their site to get free traffic. Well I would recommend you to change all the C Panel Pass, WP Admin Pass, FTP Pass and change the default URL of W Dashboard which /wp-admin to /custom and block it using ht access file. I have been facing such issues for quite long time due to themes, plugins and hosting. One of my website was hacked and when I restored the backup version there was malware which provided access to hacker in no time. I would recommend to use create a local copy of your website using WordPress backup plugin to avoid any future inconvenience. All the best
    • S0litaire
    • By S0litaire 7th Aug 18, 10:14 AM
    • 3,460 Posts
    • 2,180 Thanks
    S0litaire
    if it was a wordpress site, then take a look at Wordfence

    https://www.wordfence.com/

    I've the free version running on my site and it does a good job alerting me about potential site issues.
    Laters

    Sol

    "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
    • AndyPix
    • By AndyPix 7th Aug 18, 10:30 AM
    • 3,880 Posts
    • 3,216 Thanks
    AndyPix
    Why all this talk of wordpress ? OP clearly states it is written in C#


    OP How secure is your site against the usual hacks ?? SQL injection etc ..
    Are you sanetising user inputs ??


    If you want to post the URL i will check it over for you
    Running with scissors since 1978
    • mdonaldson
    • By mdonaldson 7th Aug 18, 8:14 PM
    • 55 Posts
    • 4 Thanks
    mdonaldson
    I use an SQL database with the website and I have a search box on each page. I made sure that SQL injection and cross scripting attacks could not get through using the search box. I have read that a lot of attackers put new entries or delete entries in the SQL database but my database appears to be untouched so I don't think it can have been one of those attacks?
    • mdonaldson
    • By mdonaldson 7th Aug 18, 8:26 PM
    • 55 Posts
    • 4 Thanks
    mdonaldson
    Just to add, the only major change I have made to the website recently is to switch from http to https. I got a SSL certificate from SSL For Free and my hosting website installed it for me after I uploaded the certificate as a pfx file. I was also required to get a static IP address for this. All this was about a month ago. Could that have had anything to do with what happened? It is stange the website has been fine for 4 years and then I make the change to SSL and I get attacked!
    • AndyPix
    • By AndyPix 9th Aug 18, 10:06 AM
    • 3,880 Posts
    • 3,216 Thanks
    AndyPix
    Do you hold any usernames / passwords in the sql table ?


    The main use of SQL injection is to trick the site into dumping the contents of sql tables rather than adding data - hence the above question
    Running with scissors since 1978
    • mdonaldson
    • By mdonaldson 9th Aug 18, 10:56 AM
    • 55 Posts
    • 4 Thanks
    mdonaldson
    I have a shop and the table just holds product details, prices, etc. I do not store any details from buyers. I have another SQL table which holds records of what people have searched for using the search box. I have noticed in the past attempts to use SQL injection using the search box but they fail as I have protection for this in place. LINQ protects against this anyway I think?
    • AndyPix
    • By AndyPix 9th Aug 18, 11:27 AM
    • 3,880 Posts
    • 3,216 Thanks
    AndyPix
    If you want to PM me the url of your site - I will check it for vulnerabilities with your permission
    Running with scissors since 1978
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

2,473Posts Today

7,990Users online

Martin's Twitter
  • Good news for those aggressively criticising this poll and trying to pull it apart. I've just got off a 3 way call? https://t.co/Pu750aktyg

  • a) I dont believe it is misleading b) I don't believe my poll is badly worded, and certainly don't know it is. If? https://t.co/0DduzIaHBk

  • Are you overdrawn, if so typically by how much just before you're paid? (sorry for a 2nd poll in a day, but it'll? https://t.co/RwDJ6ZkYQw

  • Follow Martin