I have a client that has a site which appears to have been hacked or something. I have the responsibility of trying to fix the issue.
www.[hatchachalink removed].com
Where would i look to fix the issue, in the htaccess of something
-
The first thing I would do is use
digorhostto see if the IP of the site is the correct IP. In this case, the IP belongs to "hostmonster.com". If that's not your web host, then somebody has hijacked your DNS. If it is, then the problem is either with hostmonster.com, or with your own setup on hostmonster.com.From Paul Tomblin -
The good news is that it doesn't seem to be the domain itself that got taken, the admin contact seems still to be your client:
Administrative Contact: americaxl Jesse Fisher ....This is very good: You have no chance to forcibly get the domain back after it's been dropped and re-registered.
The site is sending a
301 Movedredirect to the Beijing escort site.Seeing as the domain name still resolves to a Bluehost server
70.40.208.144, and assuming this is where your client runs his site, it doesn't look like the DNS settings have been hijacked: I would say the FTP or web hosting account has been hacked in some way and altered to send out the 301 redirect - either through a PHP script ("Header: Location...") or (that would be my gut feeling) through a setting in the hosting company's control panel.The first step should be trying to log on to the FTP account and confirming whether that is the case.
Pekka : @John an index.php that does a header redirect to the beijing site.From Pekka
0 comments:
Post a Comment