Mobile app version of vmapp.org
Login or Join
Mendez628

: Website redirecting I know this might not be the correct section or the correct topic but I'm totally out of other options. I've hosted a website for a client for the last year now. I paid

@Mendez628

Posted in: #Dns #Domains #WebHosting

I know this might not be the correct section or the correct topic but I'm totally out of other options. I've hosted a website for a client for the last year now. I paid the company that hosts my domain (EthernetHost.com) about a week and a half ago(June 18th) right before my domain was supposed to expire(June 24th). Now for some reason, I'm being redirected to what I believe to be after some research a malicious website. I've looked at tons of web pages and I'm still not able to find a solution. I've updated nameservers and giving it time. No resolution there. I've contacted the web host and asked if it's anything on their side. No resolutions there.

When I access my site through a proxy it will load...

I've done almost everything I could think of to resolve the issue and nothing seems to help.

My domain is luxecurbing.com and it is redirected to ww2.luxecurbing.com/?folio=7POYGN0G2
Any help would be amazing.

10.02% popularity Vote Up Vote Down


Login to follow query

More posts by @Mendez628

2 Comments

Sorted by latest first Latest Oldest Best

 

@LarsenBagley505

Both Rob (a member here on webmasters.stackexchange.com) and I have tested your home page with the command line utility curl and he has tested it with a text-based browser lynx. Neither of us had viruses during the test. Neither of our results show a redirection to the URL with parameters added.

One of the following has happened:


A configuration has been set in your web hosting server so that requests only from your IP address are redirected to the parameter-included URL.
You're using a web browser that is infected with a virus that causes certain URLs that are typed in to be redirected.
Your network stack in your operating system is corrupted.
Your computer has a virus.
You have a special cache setup on your computer that needs to be flushed.


To narrow things down, start by using a new computer hooked up to the same internet and access the page. If that doesn't work, then take that new computer to a local location that allows you to use their internet for free and test from there. If that doesn't work, then your server configuration is set to redirect IP addresses if the IP address falls within a certain geographic region.

If the redirect happens still, then look for any .htaccess files on your server and remove any entries in reference to IP addresses. If you have shell access, look for the httpd.conf file and remove any IP address entries from there that cause URL redirections. If you are not that familiar with those files, you may want to ask the web hosting administrators to do a fresh reinstall of apache and reset the httpd.conf file. Also, make sure you set strong passwords to all your services on your server that you have access to.

10% popularity Vote Up Vote Down


 

@Deb1703797

download the hidden file ..htaccess from your root directory of every webside/domain folder check if there are any URL redirections you have not allowed (google how to find it)

Call your hosting company!
Tell them your website is getting redirected to malicious url and ask their tec support to fix the issue immediately.
If you write a ticket, put Virus somewhere in your header and leave your phone number in the description. Tec support will be fast to check it out.

Download your whole FTP folder (not into your C drive). Download the programm InfoRapid (http://www.inforapid.de/html/srdownload.htm) and search your downloaded FTP folder for this string "http://ww2.luxecurbing.com/?folio=7POYGN0G2" or parts of it like "luxecurbing"
Inforapid searches all your files for this string. but you have to specify all the file extensions of your homepage.
use the following one

*.htm | *.html | *.txt | *.php | *.sql | *.xml | *.xaml | *.js |*.pdf | *.dll | *.svc | *.csv | *.xls | *.xlsx | *.aspx | *.asmx | *.ascx | *.ashx | *.config | *.vbs | *.css | *.ipa | *.min | *.bax3d | *.xsd | *.Master | *.resx | *.skin | *.json | *.exe | *.nlog | *.bat | *.sq | *.py


Example screenshot www.pic-upload.de/view-31061139/Capture.png.html
This will seach all your files for the search string an give you all files and rows where this code is implemented. so you can manually delete it or use Inforapid to search and replace it with ""

Last but not least let your antivirus and anti maleware programm run through this folder....

Someone probably has put some bad code in your webside´s files through injection or something. I had the same once, malicious code in every file.
After you have cleaned everything up, check for security issues on your page. Probably java script or flash.

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme