Well after the last two weeks I now consider myself an expert in installing Wordpress blogs on self hosting and a virus deletion technician extraordinaire. I am now accomplished at securing a Wordpress blog.
The reason why, I am hosted at Go-Daddy and that whole site has been infected by a malaware bug. This is a php script that infects every site on the Go-Daddy host. Reports are now coming in that other hosting accounts are being infected.
There is a report that Fort Knox lost their site from this very same attack.
If you have any sort of hosting, go to your site, look at the page source and if you see at the bottom a script calling "http://holasionweb dot com/oo dot php" - then be prepared to lose everything.
I had twelve sites infected and rebuilt each one by hand. Lost a lot of money in adsense and affiliate sales.
I despise hackers who do this type of thing. Anyone else having the same problem, just contact me for a very easy and quick fix. Its free, so don't think I am riding on the hackers coat tails to make a few bucks.
Edit: To save on receiving so many emails I actually put up a hubpage detailing the fix. No links in the hubpage or anything self promoting. Just hope I can help someone else the anguish I went through.
Terry I am sorry to hear that. I have a few over there I will go check on.
Bummer you had to rebuild them all, a spiteful selfish act.
I have had this virus attack me 4 maybe 5 times now and hits every php website I have on godaddy. I am not sure if its hitting my html websites as I believe it might put in a different code, something to do with before the body and a document_write script but cant work that one out.
I now back up at the end of every day with a complete website clean script and as I check the website every time I make a change which is every day and as soon as it hits I then upload the new website straight away.
Each time it infects it puts a new script at the bottom of the page so its not always an oo.php string, it changes each time, so make sure its cleaned out properly.
You say you have a way of cleaning it out. I am looking at doing something with my SSH files at godaddy on info I found in a previous thread but until I can get rid of it for good I am being really cautious as I lost 3 days on the first attack.
Hi Serena, I wrote this hub which is repeating Securi's advice and is a fix.
http://hubpages.com/hub/How-To-Remove-T … code-Virus
Save the script in the Hub as wordpress-fix.php and load it to your index. Then add wordpress-fix.php as an extension to your domain name.
I did this on all of my sites and bookmarked each site under a folder I called malaware. I now just go to the folder and click "open All in tabs' and let it run. I do this everytime I sit at the computer.
Just got infected about one hour ago again, I ran the script and it is all now clean.
This script will not need the ssh approval from G-Dy.
Reports are now coming in that other web hosting sites are now being infected.
If you have any hosting at all, you must check your sites as once Google finds the threat they will tag your site a threat site.
Just open your url's to your sites and you will soon see if your infected or not.
Lean Mit college and university have just been hit, so no one is safe.
The fix in my hubpage will work to remove this latest attack.
Terry, if you google it, you don't see much except for this thread. Somehow it makes me thinking the virus is not THAT bad, and did not affect a whole lot of users.
http://www.google.com.au/search?hl=en&a … p;gs_rfai=
That's out of 1.8 million entries.
http://blog.sucuri.net/2010/05/continui … daddy.html
http://www.wpsecuritylock.com/wordpress … e64-virus/
http://www.google.com.au/search?hl=en&a … amp;tab=wn
If you really want to go there... Zero news on this stuff and godaddy... I don't believe you Terry. Nice self promotinal trick though...
Just checked one of my sites today after putting up a new hubpage.
It was infected again. The time is 11.00am Monday, 14 June 2010 Australian time.
If you have a Go-Daddy hosted wordpress blog, you had better check it.
It seems this virus has returned after a few weeks.
by Connie Smith 6 years ago
I need serious help! I am taking a web design class and my final project -- due in TWO weeks -- is my website, done through Dreamweaver. I do NOT want a free site. I plan to use the site so want a good business site. I am looking for dependability and a site that is easy for...
by L.M. Hosler 3 weeks ago
Is anyone else getting traffic from this site?nativeapp.toutiao.comI am getting traffic from it but I am not sure what the site is or if it's a new search engine of some kind. I do know it has something to do with a Chinese application. So I am wondering if this is a good or bad thing.
by Nathan Bernardo 6 years ago
First of all, I want to say that I am not considering leaving Hubpages. However, I am seriously considering starting my own website/blog, in addition to keeping my HubPage account. So, here's my understanding on how to go about starting my own site, bear in mind I don't know a lot about it: Buy and...
by freecampingaussie 8 years ago
I have made blogs with blogger & find I can do that ok ( I think !) is there any thing simular for making a free website as I am not very clever doing that kind of thing .Kris
by sashenikainderby 6 years ago
I am working on my own language site and I cannot decide between site-maker or a new internet hosting company. I know that some hosting companies provide more tools than others but this is all that I know.
by saleheensblog 7 years ago
LOL, not indeed. Whatever, I need to know something from you people now. As I am earning some money online I feel myself "money will come" confident now to invest for creating my OWN website. Here and there I have read some info about creating a website, I have thought about it a...
Copyright © 2019 HubPages Inc. and respective owners. Other product and company names shown may be trademarks of their respective owners. HubPages® is a registered Service Mark of HubPages, Inc. HubPages and Hubbers (authors) may earn revenue on this page based on affiliate relationships and advertisements with partners including Amazon, Google, and others.
|HubPages Device ID||This is used to identify particular browsers or devices when the access the service, and is used for security reasons.|
|Login||This is necessary to sign in to the HubPages Service.|
|HubPages Traffic Pixel||This is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.|
|Remarketing Pixels||We may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.|
|Conversion Tracking Pixels||We may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.|