Exilian
Announcements and Articles: The Gatehouse Quarter => Announcements! The Town Crier! => Topic started by: Marcus on December 05, 2011, 10:27:18 AM
-
Hi guys, some of you may have noticed a malware warning when visiting Exilian lately, this was because the .htaccess file was modified to perform redirects to malware sites when exilian was clicked on from google. I have removed the offending file and am about to request a review of the site to get it taken off the blacklist, and I would strongly suggest everyone does a virus check on their systems, just to make sure nothing evil was downloaded.
Thanks,
Marcus.
-
If we didnt get the warning, do a check anyway?
-
Yes Ladyhawk, do the check anyway.
Thanks Marcus I was wondering about that.
Cheers mate,
-
Okay cool. Thank you for that.
-
I never saw anything related to this.
-
It was only flagged up by the Chrome browser.
-
I just can't get on from my pc.
-
What happens if you try, NA?
-
It has been flagged up on Chrome, but also Firefox and Google's built in system from Google search.
I'm going to update the forum software, then request a review, and in the mean time look at the php code for uploading news to the main site, and look for vulnerabilities.
-
Good luck with that my friend.
-
Hey NA have you tried getting in through your history? It worked for me.
-
Well everyone I was just attacked by a virus posting on this site. Luckly my computer blocked it, and (hopefully) no harm is done. I do recommend that everyone runs a scan please. :)
-
I tried to get on with my phone and it said it could be harmful.
-
Exilian is fine from my phone. But something attacked my pooter.
-
Marcus, given Google hasn't removed us yet, does that mean there might be more redirects/malware issues?
-
Well I can get back on now, Google still shouts at me but it lets me in.
-
I'll try on my phone later again today.
-
Unfortunately, this one comes back as soon as you get rid of it, I'm going to remove the suspected vulnerability and see what happens.
-
I did it by typing the URL instead.
-
I'm wondering if we should extend the election signup period until this gets fixed, since some people aren't going to want to come on at the moment I fear.
-
Ok, I've removed the poisoned .htaccess file and removed the news script as well, which does have gaping holes in it. I'm now going to request a review and update the forum software tonight. Fingers crossed we will be clear within 24-48 hours.
-
Just taken a look at .htaccess, and it looks very much like the problem is back. :(
-
Requested review. Discovered that this nasty has put a poisoned .htaccess file in every folder that has an index file. I think it was doing it via the news script, which is now gone, so fingers crossed our Googly overlords will grant us redemption! :D
Edit: Dammit, this means the malware is still there. I'm possibly going to have to take the site offline and clear it of everything, then add stuff bit by bit.
-
Okay, if you do that is there any way to display a "Sorry, we're not available, please come back soon" page?
-
I'm going to leave the forums up and just focus on the site for the moment, and if that doesn't work I'll reinstall the forums as well. And yes, I can leave a 'sorry we're not available' message.
EDIT: In light of a message I received, it's struck the forums as well, so I'm going to take everything off the server, and reinstall bit by bit. Sorry for this guys, but It's the only way I can be sure of removing it. Don't worry about posts and data, they're stored on SQL databases which I don't think the virus has got to.
I will try to get the site, starting with the forums, back up tonight, but I can't make any guarantees. The forums at least will be up by tomorrow though. Thank you.
-
Thank you Marcus, best of luck mate. :D
-
Thanks Marcus. You doing great mate :)
-
Seems like a good job you've done here Marcus :) .
In fact, I still get redirected if I access Exilian from a Google search :/ .
-
Have you cleared your cache, SOTK? Your computer may be remembering the old .htaccess file in the absence of a file that gives a directly opposed command.
-
I have indeed. My brother's computer does the same thing too.
-
Oh for crying out loud!
Ok, this is out of my hands. I just need to contact my host and get them to sort it. I wiped everything on the server, the only thing I can think of that it could have come through is the database, although I sincerely hope not.
-
I only get redirected from Google search, not from typing in the link or using the one in my bookmarks like I did before if that makes any difference.
-
It seems that google's cache may be outdated. I'm fine when I access it from Google.
-
Mine also works fine from Google search.
-
I re-sent Google our site via the webmaster tools, so the Google cache should now be fixed. It's working fine for me now.
-
Is anyone else having the issue with this website now... its white,blue and says simple machines forum up the top right of the screen O_o
-
Yes, that is what mine looks like.
-
Everything is in "basic" mode atm. No worries. ;)
-
Oh, sweet XD
-
Oh yay. and also that was a fast response? i only just woke up :P
-
Haha, I got up at 12 the other day. It was awesome XD
-
Yeah, my school holidays have just started so ill probably be posting allot more often now. Btw admins is it possible that Google will block this site or something? thats all i got from your previous posts :/
-
They had it on their "possible threat" list. Been taken off afaik.
BTW, Death Nade, run for office. ;D
-
Oh goodo, at least we arent a "threat" anymore :P
How would i run for office. which thread?
-
The signup thread in the plaza (http://exilian.co.uk/forum/index.php?topic=1705.0) :)
-
Cheers, i ran for Tribounos :P
-
Like me :P
-
"We're currently upgrading software and making improvements to the site"
What's being upgraded and what are the improvements? Maybe you could though in a "Shout Box" and maybe a Mibbit Chat channel ;).
-
Haha, yor so demanding XD
-
They're just suggestions but I do demand a shout box though. We really need one of those.
-
At the moment, 'improvements' is making sure we never get hacked again. :P
-
Id rather the site didnt get hacked i think :P
-
Ok, everything is sorted for now, just reinstalling mods and a theme and everything will be back to normal. :D
-
On the entrance page it still says "Under Maintenance"
-
Forum wise, I meant.
-
The Session Length doesn't work.
-
Well... First malware and then exilian turned white and now it's blue... Is it the end of the world? DOOM APROACHES! REDEEM! ;D ;D ;D ;D :) ;) :D
-
The blue is better than the white at least :)
-
I sure am glad that I only attempted to log into exilian from the school PC. Hope the central server there is okay, or at least doesn't register that it was me that infected the server :D