Urgent - my website has been blacklisted on Safari?!

Discussion in 'Web Design and Development' started by big_malk, Jul 29, 2010.

  1. macrumors 6502a

    Joined:
    Aug 7, 2005
    Location:
    Scotland
    #1
    I was going to update my website today, but when I looked at it Safari popped up the 'This website may harm your computer...' message - I was not best pleased!

    I've checked my site and have found no malware.
    I've checked Google webmaster tools, and my domain isn't blacklisted there, it says there has been no malware found.

    The weird thing is, the warning says to check the Google safe browsing diagnostic page at this link http://google.com/safebrowsing/diagnostic?tpl=safari&site=yoursupergoogleanalytics.co.cc&hl=en-gb, and that page says "Diagnostic page for yoursupergoogleanalytics.co.cc" - that's not my domain?! :S

    My site is visible briefly before the warning appears, I though maybe someone had posted a malicious comment or something that loads a bad script from another domain or something, but I cant find mention of that domain anywhere on my site!

    I am very confused, and I can't even find where my site has been blacklisted, or where the problem is?! :confused::confused:

    I'd really appreciate help on this ASAP, as it look pretty bad having my site blacklisted like this!
     
  2. macrumors 6502

    iTzChasE

    Joined:
    Dec 31, 2008
    #2
    Have you completely searched your site up and down for something related to yoursupergoogleanalytics.co.cc?
     
  3. thread starter macrumors 6502a

    Joined:
    Aug 7, 2005
    Location:
    Scotland
    #3
    Where did you see that?

    Yip, I've gone through every page and searched the source code, I've searched the entire database, and I'm currently checking for and changed files over FTP but it's going painfully slow :(
     
  4. macrumors 6502

    iTzChasE

    Joined:
    Dec 31, 2008
    #4
    I used Google Chrome and that is what showed up.
     
  5. thread starter macrumors 6502a

    Joined:
    Aug 7, 2005
    Location:
    Scotland
    #5
    I checked Chrome and got no warning, I've got the latest version and cant see any option to turn warnings on/off

    Presumably chrome uses google's own malware blacklist thingy, but google webmaster tools says there is no malware detected... I am really confused!!

    I cant find this supposed malware / domain anywhere on my site :(
     
  6. Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #6
    Looks to have been temporary. I didn't get any warnings when using either Safari or Chrome. I'm in the US.
     
  7. macrumors 68030

    Darth.Titan

    Joined:
    Oct 31, 2007
    #7
    Well you have something wrong in one of your javascripts. My AVG alerts me with the following warning when navigating to your site.
     

    Attached Files:

  8. macrumors member

    Joined:
    Jun 11, 2010
    #8
    caption.js has an iframe injection. I'd be careful where you are getting your scripts from.
     

    Attached Files:

    • ss1.png
      ss1.png
      File size:
      269.7 KB
      Views:
      56
  9. macrumors G5

    Consultant

    Joined:
    Jun 27, 2007
    #9
    Yup your site is h4x0red!
     
  10. thread starter macrumors 6502a

    Joined:
    Aug 7, 2005
    Location:
    Scotland
    #10
    Thanks guys, just found that.

    The script was part of the Joomla installation (obviously, it didn't come with that in it though).

    My site was a couple of minor versions out of date, but this'll be the last time I let that happen! Time to update, check all my other websites and change al my passwords I guess...

    Thanks for your hep guys! :eek:
     
  11. macrumors member

    Joined:
    Jul 9, 2010
    Location:
    Rowland Heights, California
    #11
    Be sure to check EVERYWHERE (ie. sessions, images and files with multiple extensions, htaccess files, etc). I got one of my servers hacked a while back and couldn't find anything...until I started noticing files renamed from like myfile.css to myfile.css.php with malicious code in them.

    That's good news you fixed the issue. Definitely keep up to date on software releases and updates if you use a script which is widely used, like Joomla and WordPress.
     
  12. Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #12
    That explains why I didn't get the error, thank you AdBlock :)
     

Share This Page