Sites running WordPress and MyBB hosted on GoDaddy shared servers have been hacked and are causing malware popups from holasionweb.com. Anyone know of a fix for this other than completely reinstalling?
First thing you need to do is determine the cause of the "hacking" and the source of the malicious code. If you cannot then contact your hosting company.
You need to be sure its ALL sites on godaddy, not just your cPanel has been hacked.
If it is the host, its pretty much out of your control and, depending on how the hack has been implemented, you may have to re-install. Have any of your files been changed? Are there any extra lines of code? If not then you wont need to re-install
This might help.
A few weeks ago all wordpress blogs hosted by Network Solutions (domain registrar) had malware implemented in them. There is not a problem with wordpress, It was the server setup from Network Solutions. (
http://news.techworld.com/security/32210...gs-attack/) I would personally move to a respective host. If you would like help getting a budget host (under $5 a month) that will handle your sites/forums please PM me.
I as a Domainer (one that buys and Sales domains) never buy domains and hosting in the same place. With this I have been able to keep safe from hackers/password crackers. You should change the password to your godaddy account and any other password that you have associated with them also change your e-mail password. Do not use the same password everywhere. This will help you prevent future attacks like this.
First you should contact godaddy and try and determine if the the hacking was from their end.
Then you should open your FTP client and sort your files by modification/creation date and delete any new files and upload fresh copies of any files that have been modified since and around the time of the hacking. Then upgrade Wordpress and MyBB making sure all your file permissions are set correctly. Finally, take a good look through your templates and revert any that contains suspicions looking code. If it's feasible to revert to a backup then I would do that.
It would probably a good idea to take extra security measures such as moving and .htaccess protecting your admin directories.
GoDaddy responded. They were able to remove the malicious javascript. The hack was on their end. Thanks for the quick responses.
Ok, I would still do a complete 'once over' of your site though to make sure the hackers haven't opened up any other security holes as well.
welcome to "the black world" of Wordpress
check your script/permittion file.
then call your host
It has happened again and once again GoDaddy was able to fix it. FYI, I wasn't running Wordpress on the site that was affected.