CloudFlare.
https://www.cloudflare.com/
CloudFlare.
https://www.cloudflare.com/
The night has come upon us, and we have but two choices: to fear it, or to face it bravely while looking to the Light that cannot be overcome. John 8:12
Glass (17th February 2017)
Jewboo (17th February 2017)
The cure needs to be provided by our slumlord JQP:
Flish
01-02-17, 22:02
This is complex, but basically at some point a vulnerability has compromised the site and allowed code to be Injected server side into the pho scripts that power the site.
The injected code has some logic that says 'if the visitor has come from a search engine and this is their first visit then inject this JavaScript code into the page' - the injected code redirects us to the dodgy site, and is why we can't see it by viewing source and most of us are unaware, but if you kill cookies and run a script to capture output by pretending to have been referred by google you can capture the code.
The fix is for the site owners server side, vulnerability needs fixing and the php scripts cleaned up, good news it's fairly obvious to a capable Deb what the dodgybcode is, bad news is it could have been injected into 100's of files, *sometimes* you can automate cleanup, but it will happen again if you don't fix the entry point
not sure who to signpost this too, but happy to help if someone reaches out
Robert Burns
02-02-17, 05:02
Hi all,
Apologies for that, but hopefully it is now all resolved.
Cpanel upgraded
LiteSpeed server upgraded
PHP upgraded.
Site software upgraded
All server side passwords have been changed.
So hopefully we are all back to normal. If anyone see's anything dodgy, feel free to report it. The Mods all have my email address.
I can confirm it was a redirect file in the structure not an SQL injection, still not sure how they got it in the file structure, but it's gone now. You'll see that all references to the file name have been changed, I then downloaded a dump of the database and did a search, so I know we were not infected database side.
I've done a google search and clicked all the links and only come here. I urge all members to clear their cache on their browsers.
If you want to be belt & braces safe a password change is never a bad thing, though as I said before, I am content that they did not breach the database, and so no information was lost.
Once again, apologies for the inconvenience.
I'm the infamous Fred of GIM - Jewboo kindly turned over his account to me.
Not so much here, i get it on othersites that are perfectly safe.
When I load them into a stripped down chrome browser (Epic) they load ok.
I think it has to do with tracking cookies. If you dont retain them in chrome or official jew browsers u get it.
site owner, have you seen this thread?
I'll contact the ISP, and let them take a look at it. Thanks.
"What Difference, at this time, does it make?"
"What is 'is'?"
"Because you'd be in jail"
yes this is the service and I think this is where the problem lies. It is before you even get to the forum... and other site links are affected as well. They cache google search results and serve those up to users instead of hitting Google each time for a new search. They also cache popular content like YT videos and so on so that it doesn't need to get transmitted from the source every time.
I think this is the service that has been hacked or affected and is what we are seeing.
Great minds discuss Ideas, Average minds discuss Events, Small minds discuss People. E.R.
Anytime I'm in doubt I go outside and give it a little shake.
Liberty Tree.
I haven't use jewgle in years and this site is in my bookmarks so I go direct. Never an issue besides the fucked up formatting due to a lack of free updates.
Jackie did it and you know it!
Joshua01 (18th February 2017)