Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Google is Search showing "Warning - visiting this web site may harm your computer"

Discussion in 'General Discussion' started by davidanand, Jan 28, 2008.

  1. davidanand

    davidanand Member

    Joined:
    Jan 22, 2008
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    51
    Location:
    India
    Hi,

    One of my customers website is showing "Warning - visiting this web site may harm your computer" while searching on Google. I don't know why it is happening please assist me.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    7
    Trophy Points:
    318
    Location:
    back woods of NC, USA
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. davidanand

    davidanand Member

    Joined:
    Jan 22, 2008
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    51
    Location:
    India
    Hi.

    I am not able to figure out why? I checked all the files in the domain any suggestions please.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. sarhosting

    sarhosting Well-Known Member

    Joined:
    Oct 1, 2007
    Messages:
    164
    Likes Received:
    2
    Trophy Points:
    68
    Location:
    United States
    cPanel Access Level:
    Root Administrator
    Twitter:
    You are probably another victim of the Javascript inject problem

    Look for something like this in your files

    <iframe>qjirfohqwerf</iframe>

    or

    <script=Javascript>
    domain.com/hack.js
    <script>

    Something like

    Check every single file and I mean all of them!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. davidanand

    davidanand Member

    Joined:
    Jan 22, 2008
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    51
    Location:
    India
    Hi SAR,

    Thank you for your help...

    I was confused for three to four days now it is cleared..Please explain how the injection happens
    because I have not given 777 permission to the index.html.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    4
    Trophy Points:
    193
    Location:
    Minneapolis, MN
    This article explains the problem you could be having: http://servertune.com/kbase/?View=entry&EntryID=258
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. davidanand

    davidanand Member

    Joined:
    Jan 22, 2008
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    51
    Location:
    India
    Hi Andy,

    The link which you gave was very helpful to me ...thanks a lot !!!. but still the entry point where the js root kit gets in to the server is unknown ...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. sarhosting

    sarhosting Well-Known Member

    Joined:
    Oct 1, 2007
    Messages:
    164
    Likes Received:
    2
    Trophy Points:
    68
    Location:
    United States
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hi There,

    Entry point can be from a few points.

    Unsecure script.
    Bad Code
    Local Machine infected, thus FTP access is gained.
    Plus the root kit.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice