: Phishing alert but file never existed I got an alert from Google Webmasters. They say the following file was present in my host: example.com/~jhostgop/identity.php I checked my files and it never
I got an alert from Google Webmasters. They say the following file was present in my host:
example.com/~jhostgop/identity.php
I checked my files and it never existed at all.
I've experience this problem in two different host and domains but the file never existed in my file system.
It appears somebody out there is linking a random domain and it prefixes the link with /~jhostgop/identity.php. Now Google may have indexed them so now I get those false phishing alerts.
Anyone experienced this? Is it possible to prevent this?
More posts by @Ogunnowo487
2 Comments
Sorted by latest first Latest Oldest Best
They malware might have infected the .htaccess on your site to redirect, identity.php to something else without ever touching the file system. Or it could be a hack into the PHP code to capture calls to identity.php and do something wit it.
I would recommend your best course of action is to download the whole site codebase & do a search for identity.php or perhaps even base64_encode or base64_encode since much malware is obscured from pure text searches because of base64 encoding.
Forensics like this is tedious, but if it’s happened to you more than once you need to dedicate some time to go through all your code to find the infection.
Here is a list of things that I would do if I were you:
Change all the login details to the server including but not limited to FTP, SSH and login details to the CMS if you use any.
Disallow example.com/~jhostgop/identity.php in your robots.txt.
In Google Webmaster Tools, submit a page removal request for example.com/~jhostgop/identity.php
These above steps should stop Google from displaying such messages in future. However, the ultimate solution to this would be to identify the security loop hole and fix it, which can only be done with a detailed examination of logs.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.