No announcement yet.

After the attack?

  • Filter
  • Time
  • Show
Clear All
new posts

  • After the attack?

    Long story, but I’ll try to keep it as short as possible. Recently my site was hacked (3.8.6 PL 1) and some malicious code was placed into the site. As it turns out my site now shows up with a “Reported Attack Page” warning. I’m not the most technically adept person so I had an acquaintance (fully trusted) who is a programmer and he managed to track down the code which was placed in the footer template and removed it. He also informed me that it seems as though this intruder gained access to my server as one of the files that this acquaintance of mine had previously implemented was deleted! He also supplied me with a suspected IP address which I traced to Russia. I’ve not submitted my site to Google as of yet for a revaluation even though it is now safe, but I’ll take care of that sometime soon. Until I do so it will continue to show the “Reported Attack Page” warning.

    With that said, I decided to do some IP address searches on the site via the Admin. CP and came up with something that has me really puzzled! When I did an IP search and did it by entering my user name it came up as Not Available! Also, when I did a search for my user name the field where it shows my IP Address is now blank! I’m referring to the User Manager page. Should I be concerned about this and if so what should I do? I could simply enter in my current IP Address where it is now blank, but seeing that I have a Dynamic IP that changes from time to time would this do any good? Obviously the s.o.b. who caused all of this gained access to my Admin. CP and used my user name so he could have possibly deleted my IP but for what purpose? The only thing I’ve done so far was to enter the IP number that is traced to Russia and the one that I know who altered a template and banned that IP number. Sorry, but this is all rather new to me and the first time this has happened on my site. I’m unable to ask for further help from the person who tracked all of this down as he will be unavailable for a long period time. Any and all help would be greatly appreciated, but please bear in mind that I’m a total idiot when it comes to downloading files and such albeit I don’t see any need for such actions at this juncture. That’s about it for now although I may follow up with some questions regarding the security of my server but one thing at a time.
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.