• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved web site hacks

klockstone

klockstone

New Pleskian
I've come across 2 holiday accommodation web sites that seem to be compromised by gaming equipment ads. To see this, Google on 'Malston Mill' and 'Dittiscombe'. Both have the correct link in to their sites, but short description is nothing to do with them. Click on the 3 dots and you'll see their caches have been taken over by the advert.

Does anyone know how this exploit works and if the Plesk system is resistant? How do you get rid of this?

Duckduckgo and Mojeek don't seem to have the same problem.

Keith Lockstone
 
I see no indication that those websites are running on a server with Plesk, they appear to be running on servers with a different control panel.
So Plesk most likely has no relation to those websites.
Note: Both websites are running with Wordpress so the hack was very likely made through outdated/insecure Wordpress installations and/or plugins.
 
I looked at the source and Malston Mill seems to be running WordPress 4.9.22 and Dittiscombe WordPress 5.6.10. Both have been compromised.

I've notified both (I know one of the owners) but have had no reply so far.
 
You must log in or register to reply here.

Similar threads

E
5 Excellent WordPress Backup Solutions
Replies
14
Views
3K
MiAn
M
P
Resolved set handler for .php in symlinked directory
Replies
2
Views
1K
Juul
J
J
How to start your online store with WooCommerce
Replies
0
Views
3K
joerg
J
D
Migration Manager from 10.x to 11.x - headache!
Replies
4
Views
2K
Eric Pretorious
E
E
Plesk 8.6 Ubuntu LTS 8.04 LTS server hacked by HEXBOOT3R exploited www-data and /tmp
Replies
0
Views
3K
eugenevdm
E
Back
Top