Welcome to TalkGraphics.com
Page 3 of 3 FirstFirst 123
Results 21 to 29 of 29

Thread: cushy cms

  1. #21
    Join Date
    Aug 2008
    Location
    Canton, GA
    Posts
    666

    Default Re: cushy cms

    ugh...hacked - Godaddy hosting - no idea why yet...replacing files.

    Dont go here until I update this post that it has been fixed.

  2. #22
    Join Date
    Aug 2008
    Location
    Canton, GA
    Posts
    666

    Default Re: cushy cms

    Good to have backups.

    I have reloaded the files that seem to have been affected by this. I think it's ok again - just brosed to it, didn't get redirected or anything unusual.

    ss-kalm - do you still get the warning?

  3. #23
    Join Date
    Jul 2007
    Location
    Brockville, Ontario, Canada.
    Posts
    4,626

    Default Re: cushy cms

    Yes I do! - Even clearing all the caches, It still comes up. Try it yourself in an Opera browser.
    Keith
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    There are 10 types of people in this world .... Those who understand binary, and those who don't.

  4. #24

    Default Re: cushy cms

    I see the same warning in Opera as well.
    Scott, just reloading your site from backups won't get your off the Yandex fraud list (Used by Opera for the Blacklistings).
    Read more here:
    http://www.opera.com/docs/fraudprotection/

    You will also need to contact godaddy as your site still appears to be compromised.

    When attempting to load your URL in Google Chrome, I see a remote call being made to a Russian site.

    Click image for larger version. 

Name:	obscurewax.jpg 
Views:	455 
Size:	2.9 KB 
ID:	75081

  5. #25
    Join Date
    Aug 2008
    Location
    Canton, GA
    Posts
    666

    Default Re: cushy cms

    {sorry for the thread hijack} - maybe this will help others...

    I figured as much for Opera (using a thrid party list that will need to be cleared) and I see the redirect happening when using Chrome here as well.

    I don't know where the "infection" is, as I've replaced the files and checked the DNS (which is actually at Comcast, pointing to a Godaddy host). It must be compromised at the server itself or something, as I even checked all the code inside the home.html file and there is nothing there pointing to any other domains - code seems intact.

    Thanks again for the headsup and I'll continue to look for a solution!

  6. #26
    Join Date
    Aug 2008
    Location
    Canton, GA
    Posts
    666

    Default Re: cushy cms

    Alright - one more time.

    I have checked all of the files and such in this site (and actually one other on the same Godaddy account).

    I had missed that the two xara .js files were also compromised, not just the html. I have gone though all of them and looked for everything that was changed yesterday, including all of the Wordpress files (many of which were replced or modified).

    I loaded the site in both Chorme and Opera (with fraud protection turned on) and I got no warnings or redirects. Anyone have the guts to check this from their end?

    Anyone know of a way to avoid this happening? It's happened on another host (DOT5) as well. I think it's unavoidable unless you pay for a service to keep it away. In both cases, it looks like a hack on the hosting provider itself, as all of the files that were changed we at the exact same moment - done by a bot or script through the directories, as it was with my DOT5 issue - who issued a hosting-wide password reset the following day after my complain.

    I'm still going to contact Godaddy to make sure that they are aware and see if they heard of other issues.

    In the meantime - back to the thread!

  7. #27
    Join Date
    Mar 2010
    Location
    New Brunswick Canada
    Posts
    63

    Default Re: cushy cms

    Code:
    two xara .js files were also compromised, not just the html
    This is not good at all. I assume you've done a system scan? Cushy CMS sounds great but I won't give anyone my clients server information outside of my server for just this possible out come.

    Good luck.

  8. #28
    Join Date
    Aug 2008
    Location
    Canton, GA
    Posts
    666

    Default Re: cushy cms

    Cushy CMS was not involved in this compromise - just to be clear.

    I've never used Cushy. There is no reason anyone should have been able to get into that site except for a compromise at the host (godaddy) itself. At least 50 files on two clients sites were changed all within a matter of seconds. This was a bot attack of some sort.

    The site in questin here uses a wordpress.org Blog which also has no access to the actual FTP of the web server either - just the databases it uses.

  9. #29
    Join Date
    Mar 2010
    Location
    New Brunswick Canada
    Posts
    63

    Default Re: cushy cms

    That's good to know that Cushy CMS is solid. I hope everything gets resolved by GoDaddy to your satisfaction quickly.

    Cheers

 

 

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •