×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Phishing Apps in web site?

Phishing Apps in web site?

Phishing Apps in web site?

(OP)
I have a small web site that seems to be loading extremely slow at times.
I had some concerns that it may be compromised, then i got an email adding to those suspicions.

Here is part of it:

"The site looked good. The only problem I had was that after looking at a few pages my Norton security program blocked the site - said it was possibly fraudulent and may contain phishing apps. Not sure what that was all about. Could've just been a glitch in my browser security".  

How can i verify if my site is clean or not?
On a related site with a different url, i got this message from the host. (free host)

"We have detected that your account executing a slow MySQL queries".

Can Someone assist me on this?

Thank You

RE: Phishing Apps in web site?

Check the HTML of your index file.
Look for "<iframe", type "hidden" and suspicious Javascripts.

Post back after you checked.

Cheers,
MiS

"We had to turn off that service to comply with the CDA Bill."
- The Bastard Operator From Hell

RE: Phishing Apps in web site?

(OP)
I have seen "hidden" in source code before, but i can't find it now. I think it could have been before the slow MYSQL warning.

I have looked through all the source code, but i am most likely missing something.

Here is what i have found.
When i visit the site with "NoScript" allowed globally, i can not view the source code.
As soon as i forbid scripts globally,the site immediately goes blank and it takes me to a different url.

It gives this message:

Not Found

The requested URL /wp-admin/ was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

I have never encountered this before.
 

RE: Phishing Apps in web site?

Do you have a back-up of your site locally stored?  If so, try removing your server files to a "backup" folder on your server, and then uploading your local back-up.

Also, make sure you have a strong password on your FTP access, and really you're supposed to change FTP passwords ever so often.  Another good thing to remember, which is easy to forget, is to make sure you connect via some form of secure FTP (SFTP).

--

"If to err is human, then I must be some kind of human!" -Me

RE: Phishing Apps in web site?


smah, thanks for that link.  Looks like a useful tool.

--

"If to err is human, then I must be some kind of human!" -Me

RE: Phishing Apps in web site?

(OP)
No local backups.
I tried google's safe browsing tool and all was fine.
I don't get anymore errors now either.
One thing i would like to pass on though, there is a vulnerability in wordpress, which is what i am using.

http://wordpress.org/development/2009/08/2-8-4-security-release/  

RE: Phishing Apps in web site?

I just finished upgrading my WordPress blog (http://www.MarriedToANerd.com) to 2.8.4 and everything went fine.  I'd recommend that anyone with their own WordPress blog upgrade as soon as they can as this version fixed a serious security flaw.

Jeff
________________________________________
Get Microsoft Visual SourceSafe Help: http://www.VoyagerEnt.com/Services/SourceSafe

RE: Phishing Apps in web site?

ll60630,

A minor suggestion you may not have though of on your website.  I noticed when going there that if you click on "About" from the home page, the red paper clip doesn't move.  If possible, I'd think it'd be a good idea to have that paper clip follow the actively selected page.  Then again, that's just a suggestion, and I don't know how that piece is shown on your site.  smile

--

"If to err is human, then I must be some kind of human!" -Me

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close