my dad's website hacked?

Discussion in 'Web Design and Development' started by maxterpiece, Aug 21, 2006.

  1. maxterpiece macrumors 6502a


    Mar 5, 2003
    I'm not sure if this is the right forum to be posting this, but i figure those browsing this forum are most likely to be able to explain this.

    I just googled this website i made for my dad. I googled the exact web address, and it came up just like it had in the past, except this time for the summary it said

    "buy adipex cheap adipex onlinebuy alprazolam cheap alprazolam onlinebuy ambien cheap ambien onlinebuy ativan cheap ativan onlinebuy bontril cheap bontril ..."

    well i mostly wrote the code for this website by hand, and I know I didn't put anything about buying prescription drugs in it. I'm the only one whom I have given access to this website. I'm the only one with the admin password. Or at least I thought i was.

    I click through the link and go to the home page for his website and view the source code and at the bottom is about 200 lines of links that all start like "<div style='overflow:auto; display:none; height: 1px;'>", so all the links are not visible- and then link to some prescription drug crap below (i didn't go to the website but i assume).

    It gets weirder. Below all that are like 60 straight up links (not ad click through links or anything) that go to colleges in the US. Legitimate colleges like stanford, RPI, oklahoma state. This is also something that I know I didn't write in there. I checked a few of the other pages on the website and none of them were tampered with, just hte index.

    Does this mean that someone got my password somehow? It is a password that I have used more often than other PWs. HOw can i check if someone else has logged into my account? Is there anything I should do besides change my PW?

    You can click through the link in my sig to see for yourself. Oh, and i know hte site is very amateur. I don't profess to be a web designer.
  2. Blackheart macrumors 6502a


    Mar 13, 2004
    It, indeed, looks like you've been h4x3d. On your web server, try looking at the access logs. For example, on the OS X machine that I'm currently on, this is found at /var/log/httpd/access_log
  3. dornoforpyros macrumors 68040


    Oct 19, 2004
    Calgary, AB
    well obviously some one tampered with it, who's your web host & how much do you trust them? I'd suggest changing your password and changing the page back, then keep a close eye on it and see if it changes again.

Share This Page