Need your input, please :D

[copper]

Can you guys visit below link and tell me if you see news listed or just blank?
http://www.computerhardware.net/Computer-Motherboard-News.html

I would appreciate it greatly

Anyone using wordpress...
Must update wordpress latest version.
wordpress released new version today to fix "iframe" attack.

The recent iframe attacks are caused by insecure
WordPress blogs

 

[amplify]

Blank with some Adsense

 

[tas38]

I'm getting errors with firefox, and some read box with a link to the home page, that just does the same thing over.

 

[Dale Hubbard]

Yep - all broken in FF for me too:

arning: ini_set() has been disabled for security reasons in /home/computer/public_html/libraries/joomla/session/session.php on line 102

Warning: ini_set() has been disabled for security reasons in /home/computer/public_html/libraries/joomla/session/session.php on line 105

Warning: ini_set() has been disabled for security reasons in /home/computer/public_html/libraries/joomla/session/session.php on line 682

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/computer/public_html/libraries/joomla/session/session.php:102) in /home/computer/public_html/libraries/joomla/session/session.php on line 423

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/computer/public_html/libraries/joomla/session/session.php:102) in /home/computer/public_html/libraries/joomla/session/session.php on line 423

Warning: Cannot modify header information - headers already sent by (output started at /home/computer/public_html/libraries/joomla/session/session.php:102) in /home/computer/public_html/libraries/joomla/session/session.php on line 426
Array ( [0] => option [1] => Computer-Motherboard-News.html )

 

[south]

PHP errors.

 

[tekz999]

Warning: ini_set() has been disabled for security reasons in /home/computer/public_html/libraries/joomla/session/session.php on line 102

Warning: ini_set() has been disabled for security reasons in /home/computer/public_html/libraries/joomla/session/session.php on line 105

Warning: ini_set() has been disabled for security reasons in /home/computer/public_html/libraries/joomla/session/session.php on line 682

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/computer/public_html/libraries/joomla/session/session.php:102) in /home/computer/public_html/libraries/joomla/session/session.php on line 423

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/computer/public_html/libraries/joomla/session/session.php:102) in /home/computer/public_html/libraries/joomla/session/session.php on line 423

Warning: Cannot modify header information - headers already sent by (output started at /home/computer/public_html/libraries/joomla/session/session.php:102) in /home/computer/public_html/libraries/joomla/session/session.php on line 426
Array ( [0] => option [1] => Computer-Motherboard-News.html )
500 -
SH404SEF : headers were already sent when I got control!
Killed at line 323 in sh404sef.inc.php: HEADERS ALREADY SENT (200)
URL=http://www.computerhardware.net/index.php?option=com

 

[copper]

Thank you guys.

All my sites are same way, gettting 500 errors.
It's either hacker or tech from hosting co. trying to fix things
Servers were hit by "iframe" hack yesterday.

 

[draggar]

Yep, what they said.

I hope the host gets it fixed quickly.

 

[amplify]

What exactly is an iframe hack and how to protect from it so that others may be more prepared?

 

[Zeeble]

I'm viewing in Chrome, I see the header and 'Latest news about Motherboard...' and then a big blank space underneath.

Thank you guys.

All my sites are same way, gettting 500 errors.
It's either hacker or tech from hosting co. trying to fix things
Servers were hit by "iframe" hack yesterday.

Sounds like the Gumblar.cn virus, you should double check for JS too.

 

[copper]

What exactly is an iframe hack and how to protect from it so that others may be more prepared?

All you can do is do your best to maintain latest wordpress.
Other than that, not much you can do about it as it's server isssue, not your site issue.

If server has site with older version of wordpress, "iframe" hack will penetrate
the server and infect all other sites on that server.

So, even if all your sites are up to date, you can still get infected caused by someone else's site.

For Joomla site...
It insert one line of code (iframe) into index.php and then create index.html file with "iframe" code on it.

Anyway, one of my site, ComputerHardware.net seem ok from outside, but, it's still not quite fixed, yet.
I still see full of errors at http://computerhardware.net/administrator
I can NOT even login to it.

News page used to work until last night.
So, I am guessing Host tried to fix "iframe" damage and something happened to it.

 

[amplify]

Ok, thanks for that information. It sounds like us as administrators of our own websites should not be too worried as it affects the servers and not us directly (unless being attacked ourselves). It makes it clear that websites should be backed up often though to prevent data loss though.

 

[copper]

Ok, thanks for that information. It sounds like us as administrators of our own websites should not be too worried as it affects the servers and not us directly (unless being attacked ourselves). It makes it clear that websites should be backed up often though to prevent data loss though.

But, you should worry.
Your site visitors/customers will NOT see your site.
Also, advanced state of this hack will forward all your traffics to other site.

Update your wordpress NOW.

 

[tas38]

I just got a email about the hack, of course I'm not using wordpress for any sites right now, but I hope the fix is not hard to still or else it's going to a big problem.

But I would think wordpress is working on a fix right now, now it's a matter of how many sites get hit, but if you got a back up of your site before it was hit.

And you restore it after it's hit, it's not likely they will hit your site again, hopeful they will have a fix soon to stop the attacks, but other sites have been hit as well.

 

[copper]

I just got a email about the hack, of course I'm not using wordpress for any sites right now, but I hope the fix is not hard to still or else it's going to a big problem.

But I would think wordpress is working on a fix right now, now it's a matter of how many sites get hit, but if you got a back up of your site before it was hit.

And you restore it after it's hit, it's not likely they will hit your site again, hopeful they will have a fix soon to stop the attacks, but other sites have been hit as well.

You are not safe just because you don't use wordpress.
If you are on a shared server, you have problem since some other sites
on that same shared server use wordpress.

Btw, wordpress fix is already out

 

[tas38]

Ya I just read you only need to update to the newest wordpress, I got a 200 GB drive on the server to my self, so I'm safe but you got a point. Hopefully serve admins to start updating them to insure, they keep they numbers of hit sites low.

This kind of stuff is a real pain, you have to wonder why hackers would put so much time into hacking systems, last time I was hit it must of been server wide. Because my host changed centers after that, but it's a problem if you down any real amount of time, as google start dropping indexed pages fast.