Portal Home > Knowledgebase > Articles Database > My server hacked with a fake Adobe site
My server hacked with a fake Adobe site
| Posted by alanfoot, 10-22-2013, 03:52 PM |
| Hello.
Some days ago, my dedicated server at softlayer, was hacked, today I realize that any request to a non existing page the 404 error page redirects to an a Adobe FAKE site, and it inmediately force the webbrowser to download a suspicios file.
It generates many apache services running that consumes much CPU time, and then the server became overloaded.
I realy dont know what to do. I have tried with the .haccess file, and the custom redirect pages, but it did not work
any help?
<< snipped >>
Last edited by Ash; 10-22-2013 at 03:57 PM.
|
| Posted by cloudrck, 10-22-2013, 03:59 PM |
| Define hacked; How did you get hacked, what software exploit? Did you open a ticket with Softlayer. Did you scan for rootkits?
|
| Posted by Ash, 10-22-2013, 04:00 PM |
| Assuming you've changed all passwords already? The first step would be to have a look at your logs to try and understand how the file got there.
Is this a managed server? Are there any existing entries in .htaccess that are not yours?
I've removed the code. The content is unlikely to help people solve your problem, and we'd prefer not to be passing malicious code and files around here.
|
| Posted by kevincheri, 10-22-2013, 04:50 PM |
| First of all, get the hack fixed asap.
TO fix the problem you have stated,
Create a page named 404.html and add the following line in your .htaccess
ErrorDocument 404 /404.html
|
| Posted by alanfoot, 10-22-2013, 07:29 PM |
| Thank you all, the problem seems to be fixed, with the changes to the htaccess file.
|
| Posted by Vex76, 10-22-2013, 07:38 PM |
| That's not really a "fix".
|
| Posted by kevincheri, 10-22-2013, 07:42 PM |
| Glad to hear that, did you really get the hack identified and sorted?.
|
| Posted by talkrelay, 10-23-2013, 12:29 AM |
| Good to know htaccess fixed. But make sure malicious software not exist on your server.
|
| Posted by net, 10-23-2013, 12:31 AM |
| Moved > Hosting Security and Technology .
|
| Posted by ballighohosting, 10-23-2013, 01:10 AM |
| This is exactly my problem!! I also found hundreds of shell scripts! that's why I posted this thread today:
http://www.webhostingtalk.com/showthread.php?t=1315402
|
| Posted by Kailash12, 10-23-2013, 01:19 AM |
| This can be just band-aid until you know how your server was hacked. Your server can be hacked again if you have not block the backdoor through which it was hacked.
|
Add to Favourites 
Print this Article
Also Read
