The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Google is Search showing "Warning - visiting this web site may harm your computer"

Discussion in 'General Discussion' started by davidanand, Jan 28, 2008.

  1. davidanand

    davidanand Member

    Joined:
    Jan 22, 2008
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    Hi,

    One of my customers website is showing "Warning - visiting this web site may harm your computer" while searching on Google. I don't know why it is happening please assist me.
     
  2. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
  3. davidanand

    davidanand Member

    Joined:
    Jan 22, 2008
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    Hi.

    I am not able to figure out why? I checked all the files in the domain any suggestions please.
     
  4. sarhosting

    sarhosting Well-Known Member

    Joined:
    Oct 1, 2007
    Messages:
    164
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    United States
    cPanel Access Level:
    Root Administrator
    Twitter:
    You are probably another victim of the Javascript inject problem

    Look for something like this in your files

    <iframe>qjirfohqwerf</iframe>

    or

    <script=Javascript>
    domain.com/hack.js
    <script>

    Something like

    Check every single file and I mean all of them!
     
  5. davidanand

    davidanand Member

    Joined:
    Jan 22, 2008
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    Hi SAR,

    Thank you for your help...

    I was confused for three to four days now it is cleared..Please explain how the injection happens
    because I have not given 777 permission to the index.html.
     
  6. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    This article explains the problem you could be having: http://servertune.com/kbase/?View=entry&EntryID=258
     
  7. davidanand

    davidanand Member

    Joined:
    Jan 22, 2008
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    Hi Andy,

    The link which you gave was very helpful to me ...thanks a lot !!!. but still the entry point where the js root kit gets in to the server is unknown ...
     
  8. sarhosting

    sarhosting Well-Known Member

    Joined:
    Oct 1, 2007
    Messages:
    164
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    United States
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hi There,

    Entry point can be from a few points.

    Unsecure script.
    Bad Code
    Local Machine infected, thus FTP access is gained.
    Plus the root kit.
     
Loading...

Share This Page