Answer the question
In order to leave comments, you need to log in
P
P
pilotus2018-09-10 10:25:24
pilotus, 2018-09-10 10:25:24
The webmaster swears at JS/Redir-DA. Strange utm's are added to pages. Where to dig?
The background is like this.
Caught a virus on the site. Found suspicious files and deleted them. Couldn't.
Restored from backup (version a few days before infection). The day is normal and again the same thing.
Antivirus finds nothing. There are no changes in php, as advised to check on Habré , or I don’t notice them.
The webmaster swears that the site has been hacked, says JS / Redir-DA, but I did not find information about it. Not a single antivirus swears. Gave a couple of people passwords to FTP - reset passwords and canceled access.
In the webmaster it shows a redirect from some Ukrainian IP
Judging by the logs, the inputs are constantly bursting from different countries
Maybe someone came across and treated?
1 answer(s)
@BorisKorobkov
B
Boris Korobkov, 2018-09-10 @BorisKorobkov
Firstly, malware can be found not only in PHP, but also in JS files, .htaccess, system files, databases (if a crooked programmer does not check for injections).
Secondly, "Recovered from a backup" and "reset passwords and canceled access" will not help to protect yourself from re-hacking. Because the cause is not found and not eliminated.
Similar questions
G
god_we_trust2018-08-31 15:26:07
Is it possible to transplant to a new template and keep the links?
1Reply
M
@
D
O
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question