Question: |
Good treepodia received information from Google that my site is hacked.You could run me a scan.Also I ask You to clarify what my next steps are.To change the password after the server scanning and removal vredonostnogo, right?Thanks in advance |
Answer: |
Hello. we scan Your site and give You a report. After checking the sites you need to change them parley. it is also desirable to post the sites on multiple accounts on your server |
Question: |
Understood.On my server only 2 сайта.puredelight.pl and maxigoods.TJS for different accounts.What sites do You mean?Thanks in advance |
Answer: |
then you do not nuisance to share now the sites are checked |
Answer: |
the report maxigoods.com/AI-BOLIT-REPORT-__-659473-28-10-2016_06-52.html criticisms Vulnerabilities in scripts (3) /var/www/www-root/data/www/maxigoods.com/modules/pm_advancedsearch4/js/uploadify/uploadify.php - NI : UPLOADIFY : CVE: 2012-1153 /var/www/www-root/data/www/maxigoods.com/modules/revsliderprestashop/inc_php/framework/image_view.class.php_bak - NI : REVSLIDER : http://www.exploit-db.com/exploits/35385/ /var/www/www-root/data/www/maxigoods.com/modules/revsliderprestashop/inc_php/framework/image_view.class.php - NI : REVSLIDER : http://www.exploit-db.com/exploits/35385 you have not removed the vulnerability. so you will break until you fix |
Question: |
All, now I have removed these files, even though I`m not sure that won`t affect the functionality of the store.Can once again run the test.You can even the entire server.Thank you |
Answer: |
OK, check the |
Question: |
There is still no report on the scan.Thank you |
Answer: |
second site puredelight.pl/AI-BOLIT-REPORT-__-709912-28-10-2016_12-30.html |
Question: |
Good supper meant to scan not the second, and the second scan after I deleted the files given in the second occleve can, please scan vves server and send me the link to the report.If threats will not be detected, then I will ask You to immediately change the password of root and throw it to me, photospace |
Answer: |
please Wait. |
Answer: |
maxigoods.com/AI-BOLIT-REPORT-__-378931-29-10-2016_05-44.html the vulnerability is not fixed the server is scanned |
Question: |
Just take away the vulnerability, removed image_view.class.yesterday I rrno this file is also removed and the site worked fine.Could you clarify what happened with the site? I see the error 500 and have noticed that you created a plan reserveage backup fileserver to backup the server, not on andx disk, why all this?Thanks in advance |
Answer: |
Hello do not understand what does es have to do with your server? we have our own backup server, tude and created job kopirvoaniya utochnyat after You made some changes you got an error? |
Question: |
You do not understand. In ispmanager is possible to keep a backup of website on your own Yandex.disk.I made no changes yesterday the site worked.Today, the site is not working and You have created a backup plan. Why? |
Answer: |
You can make a backup on creation of Your account on Yandex the disk, but it`s nothing to do with the hosting is not. We have our own server for backups and You are allocated a place on this server, additional 50 GB. And backups are in no way associated with the site. |
Question: |
Yeah, cool, didn`t know that I still have 50GB on the server for backup. Spasiba, which the site ceased to work? |
Question: |
I unfold the last backup which You will sozialpolitik will work or not |
Answer: |
this new service, we only recently negrii it. what kind of website you have stopped working and what you changed on it? |
Question: |
I have not changed anything.Stopped working maxigoods.com |
Answer: |
the specified error cause. Link to database cannot be established: SQLSTATE[42000] [1044] Access denied for user `ugohome_gd2`@`localhost` to database `ugohome_gd2` you the password changed? |
Question: |
I repaired from Your backup and now it works, but I now I understand I need to run virus scanning, right? |
Answer: |
unable to open the old report. but you have not answered the question - the password changed? |
Question: |
No did not change the password by the user.I think that the mistake You saw, it is also a mistake that I saw as I turned on to razvorachivat Your backup |
Answer: |
ok
|
Question: |
Please look on otchetno can understand that code in the file not.There is the idea spelled out the elements which relate specifically to the work магазинаhttp://maxigoods.com/AI-BOLIT-REPORT-_www-root_data_www_maxigoods_com_-946105-29-10-2016_13-51.html |
Answer: |
criticisms a Vulnerability in the scripts (1) /var/www/www-root/data/www/maxigoods.com/modules/revsliderprestashop/inc_php/framework/image_view.class.php - NI : REVSLIDER : http://www.exploit-db.com/exploits/35385 repair |
Question: |
And how to remove it? |
Answer: |
http://www.exploit-db.com/exploits/35385 if you don`t know how to fix the vulnerability, please delete this module |
Question: |
Understood, I`ll upload the file to your PC and will delete on the server. Let`s see what happens. Maybe it`s some kind of important file which affects all of the engine. Thanks for the tip. I will try I will unsubscribe |
Answer: |
antivirus for windows https://revisium.com/kb/scan_site_windows.html |