Webmaster tools shows my site has 250 broken links - but these links
are not ones I have put in the site, adn I cannot find them in my
source code. Here are a couple of examples:
> Webmaster tools shows my site has 250 broken links - but these links
> are not ones I have put in the site, adn I cannot find them in my
> source code. Here are a couple of examples:
It does look like this content is coming from your site... For
instance, I'm looking at the URL:
http://www.vintageretrolingerie. com/prodimages/license-code-im-dvd-
creator.html
This URL shows content matching the "subject" meta tag used there:
"license code im dvd creator, cm 03/04 free download patch, Fullmetal
Alchemist Ready Steady Go free Mp3 Downloads, free downloads for grand
theft auto sanandres pc, Maplestory hacks Apache download, juegos emu
v2.com, photoshop cs2 keygen and download instructions free,
application security software web"
It appears that your normal content is not found in this folder. If
that is the case, you can probably use a robots.txt disallow directive
to block the crawling of this subdirectory while you chase down what
is happening on your server.
Strangely, it appears that I cannot access that URL on your site any
more. If you have not changed anything, I would recommend that you
contact your hoster for assistance.
> It does look like this content is coming from your site... For
> instance, I'm looking at the URL:http://www.vintageretrolingerie. com/prodimages/license-code-im-dvd-
> creator.html
> This URL shows content matching the "subject" meta tag used there:
> "license code im dvd creator, cm 03/04 free download patch, Fullmetal
> Alchemist Ready Steady Go free Mp3 Downloads, free downloads for grand
> theft auto sanandres pc, Maplestory hacks Apache download, juegos emu
> v2.com, photoshop cs2 keygen and download instructions free,
> application security software web"
> It appears that your normal content is not found in this folder. If
> that is the case, you can probably use a robots.txt disallow directive
> to block the crawling of this subdirectory while you chase down what
> is happening on your server.
> Strangely, it appears that I cannot access that URL on your site any
> more. If you have not changed anything, I would recommend that you
> contact your hoster for assistance.
Thanks for your help. This folder does contain images for the store -
I've searched it and cannot find anything suspicious - the only files
shown there are our own images, no html files at all. I'm
mystified......
Every sale is failing to complete, which is disastrous. The customers
tell us that they get a "try again later" message when they try to
checkout thru Paypal.
I've sent a Help request to my hosting company, but no reply so far.
They're usually pretty responsive, so that surprises me. I'll have to
try them again.
> It does look like this content is coming from your site... For
> instance, I'm looking at the URL:http://www.vintageretrolingerie. com/prodimages/license-code-im-dvd-
> creator.html
> This URL shows content matching the "subject" meta tag used there:
> "license code im dvd creator, cm 03/04 free download patch, Fullmetal
> Alchemist Ready Steady Go free Mp3 Downloads, free downloads for grand
> theft auto sanandres pc, Maplestory hacks Apache download, juegos emu
> v2.com, photoshop cs2 keygen and download instructions free,
> application security software web"
> It appears that your normal content is not found in this folder. If
> that is the case, you can probably use a robots.txt disallow directive
> to block the crawling of this subdirectory while you chase down what
> is happening on your server.
> Strangely, it appears that I cannot access that URL on your site any
> more. If you have not changed anything, I would recommend that you
> contact your hoster for assistance.
At first, I thoguht so too, but teh google report is showing them as
broken links within the site. The html files referred to in the link
report don't even exist on the web server. Yet several things actually
show up, liek this http://www.vintageretrolingerie.com/prodimages/simgirl-4.12.html.
It's almost like someone has "hijacked" the domain name or
something........................
> At first, I thoguht so too, but teh google report is showing them as
> broken links within the site. The html files referred to in the link
> report don't even exist on the web server. Yet several things actually
> show up, liek thishttp://www.vintageretrolingerie.com/prodimages/simgirl-4.12.html.
> It's almost like someone has "hijacked" the domain name or
> something........................
> On Jul 14, 3:17 pm, Autocrat wrote:
> > It could be links pointing to your site?
> > They seem to be the same type of 'spam' (porn links and software rips)
Not only did I not make it, I can't even find it on the web server.
I've been comparng files from my original posting and I found 3 PHP
files that didn't exist back then. 2 are in the prodimages folder
(the problematic folder- I don't know much PHP, so I'm a bit
suspicious about them. Just in case anyone out there can make sense
of it, here's the code in the latest one:
> > At first, I thoguht so too, but teh google report is showing them as
> > broken links within the site. The html files referred to in the link
> > report don't even exist on the web server. Yet several things actually
> > show up, liek thishttp://www.vintageretrolingerie.com/prodimages/simgirl-4.12.html.
> > It's almost like someone has "hijacked" the domain name or
> > something........................
> > On Jul 14, 3:17 pm, Autocrat wrote:
> > > It could be links pointing to your site?
> > > They seem to be the same type of 'spam' (porn links and software rips)- Hide quoted text -
> Not only did I not make it, I can't even find it on the web server.
> I've been comparng files from my original posting and I found 3 PHP
> files that didn't exist back then. 2 are in the prodimages folder
> (the problematic folder- I don't know much PHP, so I'm a bit
> suspicious about them. Just in case anyone out there can make sense
> of it, here's the code in the latest one:
> > > At first, I thoguht so too, but teh google report is showing them as
> > > broken links within the site. The html files referred to in the link
> > > report don't even exist on the web server. Yet several things actually
> > > show up, liek thishttp://www.vintageretrolingerie.com/prodimages/simgirl-4.12.html.
> > > It's almost like someone has "hijacked" the domain name or
> > > something........................
> > > On Jul 14, 3:17 pm, Autocrat wrote:
> > > > It could be links pointing to your site?
> > > > They seem to be the same type of 'spam' (porn links and software rips)- Hide quoted text -
You might also check code in your pages, something may be calling the
php you've posted. Is there a database on your site? If so you might
change it's password as well....
> Not only did I not make it, I can't even find it on the web server.
> I've been comparng files from my original posting and I found 3 PHP
> files that didn't exist back then. 2 are in the prodimages folder
> (the problematic folder- I don't know much PHP, so I'm a bit
> suspicious about them. Just in case anyone out there can make sense
> of it, here's the code in the latest one:
> > > At first, I thoguht so too, but teh google report is showing them as
> > > broken links within the site. The html files referred to in the link
> > > report don't even exist on the web server. Yet several things actually
> > > show up, liek thishttp://www.vintageretrolingerie.com/prodimages/simgirl-4.12.html.
> > > It's almost like someone has "hijacked" the domain name or
> > > something........................
> > > On Jul 14, 3:17 pm, Autocrat wrote:
> > > > It could be links pointing to your site?
> > > > They seem to be the same type of 'spam' (porn links and software rips)- Hide quoted text -
> I don't know what that does, but it can't be good. I'd get rid of it.
> And change all passwords.
> On Jul 14, 10:29 pm, tobrien wrote:
> > Not only did I not make it, I can't even find it on the web server.
> > I've been comparng files from my original posting and I found 3 PHP
> > files that didn't exist back then. 2 are in the prodimages folder
> > (the problematic folder- I don't know much PHP, so I'm a bit
> > suspicious about them. Just in case anyone out there can make sense
> > of it, here's the code in the latest one:
> > > > At first, I thoguht so too, but teh google report is showing them as
> > > > broken links within the site. The html files referred to in the link
> > > > report don't even exist on the web server. Yet several things actually
> > > > show up, liek thishttp://www.vintageretrolingerie.com/prodimages/simgirl-4.12.html.
> > > > It's almost like someone has "hijacked" the domain name or
> > > > something........................
> > > > On Jul 14, 3:17 pm, Autocrat wrote:
> > > > > It could be links pointing to your site?
> > > > > They seem to be the same type of 'spam' (porn links and software rips)- Hide quoted text -
> I've deleted all 3 - but kept a copy on my local machine, just in
> case.....................and changed the passwords too.
> I really appreciate your help - PHP is /greek to me, the only thing I
> know is I didn;t put it there!
> Therese
> On Jul 14, 8:55 pm, webado wrote:
> > I don't know what that does, but it can't be good. I'd get rid of it.
> > And change all passwords.
> > On Jul 14, 10:29 pm, tobrien wrote:
> > > Not only did I not make it, I can't even find it on the web server.
> > > I've been comparng files from my original posting and I found 3 PHP
> > > files that didn't exist back then. 2 are in the prodimages folder
> > > (the problematic folder- I don't know much PHP, so I'm a bit
> > > suspicious about them. Just in case anyone out there can make sense
> > > of it, here's the code in the latest one:
> > > > > At first, I thoguht so too, but teh google report is showing them as
> > > > > broken links within the site. The html files referred to in the link
> > > > > report don't even exist on the web server. Yet several things actually
> > > > > show up, liek thishttp://www.vintageretrolingerie.com/prodimages/simgirl-4.12.html.
> > > > > It's almost like someone has "hijacked" the domain name or
> > > > > something........................
> > > > > On Jul 14, 3:17 pm, Autocrat wrote:
> > > > > > It could be links pointing to your site?
> > > > > > They seem to be the same type of 'spam' (porn links and software rips)- Hide quoted text -
> You might also check code in your pages, something may be calling the
> php you've posted. Is there a database on your site? If so you might
> change it's password as well....
> On Jul 14, 10:29 pm, tobrien wrote:
> > Not only did I not make it, I can't even find it on the web server.
> > I've been comparng files from my original posting and I found 3 PHP
> > files that didn't exist back then. 2 are in the prodimages folder
> > (the problematic folder- I don't know much PHP, so I'm a bit
> > suspicious about them. Just in case anyone out there can make sense
> > of it, here's the code in the latest one:
> > > > At first, I thoguht so too, but teh google report is showing them as
> > > > broken links within the site. The html files referred to in the link
> > > > report don't even exist on the web server. Yet several things actually
> > > > show up, liek thishttp://www.vintageretrolingerie.com/prodimages/simgirl-4.12.html.
> > > > It's almost like someone has "hijacked" the domain name or
> > > > something........................
> > > > On Jul 14, 3:17 pm, Autocrat wrote:
> > > > > It could be links pointing to your site?
> > > > > They seem to be the same type of 'spam' (porn links and software rips)- Hide quoted text -
The code that you posted here downloads and executes content from
various sites based on information provided by your server. In other
words, it allows other people to have almost full control over your
webserver. Great job on finding and removing it!
Thanks, John - I'm SO relieved. My poor sister's income took an awful
nosedive, as her site moved from page 1 to page 2. Hopefully, she'll
start moving up again and get her store back to normal.
Thanks to everyone for all the help and suggestions!!
Just in case someone else out there has been hit by the same hacker,
look for .php files with a numerical file name, like 49875.php, in the
folder that seems to be dishing up the dirt.
> The code that you posted here downloads and executes content from
> various sites based on information provided by your server. In other
> words, it allows other people to have almost full control over your
> webserver. Great job on finding and removing it!
Well, looks like we're not out of the woods yet! Google crawled on
Jul 15 and found 4091 "broken links" in the site. I've checked the
folder that the broken links are reported in, and nothing unusual is
lurking there - just jpeg files. I don't know where to begin - is
there anywhere I can get some advice?
> The code that you posted here downloads and executes content from
> various sites based on information provided by your server. In other
> words, it allows other people to have almost full control over your
> webserver. Great job on finding and removing it!
had an idea and searched the entire site for any file dated the same
as the foreign files I originally found - 3 more foreign files were
hidden deep in sub directories - now deleted, so let's hope that's
it. Will know when Google next crawls the site next week.....
> Well, looks like we're not out of the woods yet! Google crawled on
> Jul 15 and found 4091 "broken links" in the site. I've checked the
> folder that the broken links are reported in, and nothing unusual is
> lurking there - just jpeg files. I don't know where to begin - is
> there anywhere I can get some advice?
> Thanks,
> Therese
> On Jul 15, 2:27 am, JohnMu wrote:
> > Hi Therese
> > The code that you posted here downloads and executes content from
> > various sites based on information provided by your server. In other
> > words, it allows other people to have almost full control over your
> > webserver. Great job on finding and removing it!
Hi Therese
It's good to see you cleaning out all the leftovers :). I wouldn't
worry about those broken links, they're probably pointing to the bad
content that you have since removed -- so it's good to see that they
are being reported as broken.
> Hi Therese
> It's good to see you cleaning out all the leftovers :). I wouldn't
> worry about those broken links, they're probably pointing to the bad
> content that you have since removed -- so it's good to see that they
> are being reported as broken.
In general those broken links will not negatively affect your site's
crawling, indexing and ranking. It's possible that we will try to
crawl these URLs for a bit, but that should not change anything else
for your site.
|
