我的网站正在加载其他网站,导致其重定向到该网站
我的网站 http://moremariners.com 正在向 http://bookiemonster.com/ads.php(这甚至不是一个真实的页面),导致它重定向到移动浏览器上的页面。您可以看到该请求也是在 PC 上发出的,如果您使用 Google Chrome 进行检查,您可以看到它的 GET 请求。但是,我的文件都不包含对主机的获取请求。
我该如何摆脱这些垃圾?
My site, http://moremariners.com is making a request to http://bookiemonster.com/ads.php (which isnt even a real page), causing it to redirect to the page on mobile browsers. You can see that the request is made on a PC, too, and if you inspect with Google Chrome, you can see the GET request for it. However, none of my files include a get request to the host.
How do I rid myself of this garbage?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
请注意
index.html文件的最后部分:您的网站已被黑客攻击。
无论这里的人是否会努力解码这个 JavaScript 做什么、它加载什么 HTML 等等(我觉得读起来很有趣),关键是你的网站要么有不安全的配置或存在漏洞的代码。
最安全的方法是擦拭机器。 (真的。Rootkit 如今是相当令人难以置信的东西。其他人可能比其他人更能控制您的计算机确实如此。)然后使用最新发布且受支持的版本重新安装 CMS。然后重新安装从已知良好的数据源转储的数据。 (您确实有数据的离线备份,对吧?)在将数据加载到新实例中之前,请确保数据干净且没有问题。确保尽可能严格地配置访问控制,以便将来的攻击更加困难。还可以考虑部署强制访问控制工具,例如AppArmor, SELinux、TOMOYO 或 SMACK。 (我已经成为 AppArmor 团队成员十多年了;这是我对大多数用户的推荐,但其他工具之一可能更适合您或您的组织。)
Note the very end of your
index.htmlfile:Your site has been hacked.
Whether or not someone here will go to the effort of decoding what this JavaScript does, what HTML it loads, etc. (which I would find interesting reading), the point is that your site has either insecure configurations or code with vulnerabilities.
The safest way forward is to wipe the machine. (Really. Rootkits are pretty incredible things these days. Someone else may have better control of your machine than you do.) Then re-install your CMS using the latest released and supported version. Then re-install your data, dumped from a known good data source. (You do have off-line backups of your data, right?) Make sure your data is clean and problem-free before loading it in your new instance. Make sure you configure your access controls as tight as possible, so that future attacks are more difficult. Consider also deploying a mandatory access control tool such as AppArmor, SELinux, TOMOYO, or SMACK. (I've been an AppArmor team member for over a decade now; it's my recommendation for most users but one of the other tools may be a better fit for you or your organization.)
听起来像是一个恶意程序感染了您的系统,
我使用过 Hitman Pro,这是一款基于云的防病毒和恶意软件程序,可以清除大多数此类感染 - 也可以免费使用 30 天...
搜索 google 并下载它。 V 3.5 我认为
约拿
Sounds like a malicious program infected ur system
I've used Hitman Pro, a cloud based anti virus and malware program that will clear most infections like this - for free for 30 days too...
Search google and download it. V 3.5 I think
Jonah
您的页面最终会出现两个框架,它们都引用 bookiemonster 的广告。
您的页面末尾有一段看起来可疑的代码,它似乎是某种 JavaScript,试图掩盖其正在执行的操作。如果这不是您故意放在那里的东西,那么您的网站或页面可能已被黑客入侵。我建议将其从页面末尾删除,然后可能需要进行彻底的网站安全审查。您可能需要监视它是否也不会被放回原处。
Your page ends up with two frames in it, that both refer to bookiemonster for ads.
You have this suspicious looking code at the end of your page that appears to be some sort of javascript that is trying to obscure what it's doing. If this isn't something you put there on purpose, then your site or page may have been hacked. I'd suggest removing this from the end of your page and then it's probably time for a thorough site security review. You probably will need to monitor that it doesn't get put back too.