Phishing Apps in web site? 1

[xlh1000]

I have a small web site that seems to be loading extremely slow at times.
I had some concerns that it may be compromised, then i got an email adding to those suspicions.

Here is part of it:

"The site looked good. The only problem I had was that after looking at a few pages my Norton security program blocked the site - said it was possibly fraudulent and may contain phishing apps. Not sure what that was all about. Could've just been a glitch in my browser security".

How can i verify if my site is clean or not?
On a related site with a different url, i got this message from the host. (free host)

"We have detected that your account executing a slow MySQL queries".

Can Someone assist me on this?

Thank You

 

[MakeItSo]

Check the HTML of your index file.
Look for "<iframe", type "hidden" and suspicious Javascripts.

Post back after you checked.

Cheers,
MiS

[navy]"We had to turn off that service to comply with the CDA Bill."[/navy]
- The Bastard Operator From Hell

 

[xlh1000]

I have seen "hidden" in source code before, but i can't find it now. I think it could have been before the slow MYSQL warning.

I have looked through all the source code, but i am most likely missing something.

Here is what i have found.
When i visit the site with "NoScript" allowed globally, i can not view the source code.
As soon as i forbid scripts globally,the site immediately goes blank and it takes me to a different url.

It gives this message:

Not Found

The requested URL /wp-admin/ was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

I have never encountered this before.

 

[kjv1611]

Do you have a back-up of your site locally stored? If so, try removing your server files to a "backup" folder on your server, and then uploading your local back-up.

Also, make sure you have a strong password on your FTP access, and really you're supposed to change FTP passwords ever so often. Another good thing to remember, which is easy to forget, is to make sure you connect via some form of secure FTP (SFTP).

--

"If to err is human, then I must be some kind of human!" -Me

 

[smah]

What does google's 'safe browsing' say about the site?

http://www.googletutor.com/2008/06/25/check-a-website-for-malware-with-google-safe-browsing-tool/

 

[kjv1611]

smah, thanks for that link. Looks like a useful tool.

--

"If to err is human, then I must be some kind of human!" -Me

 

[xlh1000]

No local backups.
I tried google's safe browsing tool and all was fine.
I don't get anymore errors now either.
One thing i would like to pass on though, there is a vulnerability in wordpress, which is what i am using.

http://wordpress.org/development/2009/08/2-8-4-security-release/

 

[ll60630]

I just finished upgrading my WordPress blog (

http://www.MarriedToANerd.com)

to 2.8.4 and everything went fine. I'd recommend that anyone with their own WordPress blog upgrade as soon as they can as this version fixed a serious security flaw.

Jeff
________________________________________
Get Microsoft Visual SourceSafe Help:

http://www.VoyagerEnt.com/Services/SourceSafe

 

[kjv1611]

ll60630,

A minor suggestion you may not have though of on your website. I noticed when going there that if you click on "About" from the home page, the red paper clip doesn't move. If possible, I'd think it'd be a good idea to have that paper clip follow the actively selected page. Then again, that's just a suggestion, and I don't know how that piece is shown on your site.

--

"If to err is human, then I must be some kind of human!" -Me