WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] [closed] Wow, just wow. URL Masking-type site hijacking with iframes (7 posts)

  1. Dave Merrick
    Member
    Posted 11 months ago #

    I'd not seen this kind of site hijacking before, perhaps it's been around and I live in a cave, but it still sucks.

    I have a site called oldknowhow.com and I haven't been on there in a good long while, (One of those someday... type-projects) and decided I wanted to write a new article. Get on my Dashboard and I noticed that jetpack is reporting my top searches are coming from cosplaybay.com. I though to myself, that's interesting, I wonder what that is, so I check it out.

    Well, it's my site loaded in an iframe and somehow they have managed to replace all my google ad code with their own, but still display my site in its entirety.

    What I did was add the javascript found on this great webpage: http://www.willmaster.com/library/web-development/URL-masking.php to my index.php

    None of the iframe break-out plugins worked, none of my .htaccess tricks worked, but this code did!

    I'm putting it into every site I own after this experience.

  2. Dave Merrick
    Member
    Posted 11 months ago #

    The plot thickens.

    I decided to check out that happens when I go to cosplaybay.com/wp-admin.php

    It takes me to this:
    http://oldknowhow.com/wp-login.php?redirect_to=http%3A%2F%2Fcosplaybay.com%2Fwp-admin%2F&reauth=1

    Not good at all.
    I can see this as a HUGE security risk if your users use google to get to your site (As many do) and then create an account, or log in with their existing.

    Am I going to have to add the breakout javascript to every .php page?

  3. Dave Merrick
    Member
    Posted 11 months ago #

    closed

  4. alaskavv
    Member
    Posted 6 months ago #

    Help .. .here is my problem.
    http://countrycousinstore.com/modules/fckeditor/fckeditor/editor/filemanager/connectors/uploadtest.html
    ok im new to building any kind of website and well I just put a site together. I don't know anything about anything. Databases, sql, my wordpress site which is a theme I uploaded. But I did notice this. ive scanned my computer.. scanned using wordfence. Here is what im coming up with. I noticed I would go to this url and my site would show up. http://countrycousinstore.com/ but I am at trimandwin.com. Can someone tell me in laymen's terms what to do. I know it has to be bad.

  5. alaskavv
    Member
    Posted 6 months ago #

    I really just want to know how I find this .. where to go .. where to look .. how to stop it. I tried to figure it out on my own and everything looked foreign to me. I don't have much time

  6. alaskavv
    Member
    Posted 6 months ago #

    I guess I have the same problem as dave does........I guess I can that code in..but I don't know how to get rid of the hijacker

  7. esmi
    Forum Moderator
    Posted 6 months ago #

    Please post your own topic.

Topic Closed

This topic has been closed to new replies.

About this Topic