Post

3 followers Follow
0
Avatar

Google - "This site may be hacked" message

If you search for our site using Google, our site is listed with the message "This site may be hacked" even though I'm pretty sure it has not been hacked.

Has anyone else seen this with your own sites? Or could there be something systemic with our URJ/Joomla hosting?

Google does have a remedy page with a few options for clearing this up but none of them are trivial so I just wanted to get a sense of how broad this is before venturing down that path. Thanks!

Isaac Chartoff

Please sign in to leave a comment.

4 comments

0
Avatar

More info... Google believes that a URL injection attack has been performed on our site, adding the URL \doxycycline-price-for-dogs to our Web site URL.
In fact, if you visit http://temple-etzchaim.org/doxycycline-price-for-dogs this will actually render a page!
I'm not yet sure where this is coming from,. There is no directory on our site that would allow this. I'll keep digging.

I"ll probably submit a ticket

Isaac Chartoff 0 votes
Comment actions Permalink
0
Avatar

It did happen to us many years ago, and I do not remember exactly how it resolved but it took some cleaning that I could do myself without asking for external help and I had followed google's instructions. After that I installed sitelock. This was before we shifted to the RJ Web Builder and since I have not heard of any similar issue (I believe it was called "cloaking" or page highjacking.

Sorry that you have to go through the trouble!

Laurence Furic 0 votes
Comment actions Permalink
0
Avatar

By all means submit a ticket. Your site is infested with bogus links, you can see them in the source of each page.

I'm not familiar with this type of attack in a Joomla environment. You wouldn't be looking for a directory, I'm pretty sure. It might be an article or a menu item, I suppose.

Sara Milch 0 votes
Comment actions Permalink
0
Avatar

So I create regular Akeeba backups and download them locally for safe keeping. I grabbed the latest and unzipped it to my hard drive. Symantec immediate quarantined a few index.php files.

I did submit a ticket yesterday. I appended this information with details to the ticket. At the very least, I'm hoping Joel can restore the original versions of these files.

Isaac Chartoff 0 votes
Comment actions Permalink