Results 1 to 7 of 7
  1. #1


    Member Since
    Mar 26, 2010
    Posts
    4
    Site built using iWeb keeps getting infected
    I built a small site using iWeb and it had been great for about 2 years. But recently, the site keeps getting infected by some malware or virus. I have uploaded the site many times. Everytime I upload the site again, it would work for about a day and the same thing happens again. I contacted my host and they said, "there is a problem with the way your site has been coded. When sites are not coded properly hackers can infect it, this is called an "exploit". Our recomendation is you need to get your webdesigner designer to securly code this." I have no idea what he was talking about or if it is even true. Can someone please shed some light.
    Thank you!

  2. #2

    Raz0rEdge's Avatar
    Member Since
    Jul 17, 2009
    Location
    MA
    Posts
    8,652
    Specs:
    27" i7 iMac, 24" iMac, 13" Macbook Air, iPhone 6S, iPod Nano 7th GeniPad 3
    Is your website mainly static (X)HTML code or does it involve dynamic code using JavaScript/PHP? If it's purely static, then ensure that your password to the site is very secure.

    Also, if you're on a shared account, it's possible that the hackers have gotten into someone else's account and if the security at your webhost isn't proper, they could access your files from there..

    Regards

  3. #3


    Member Since
    Mar 26, 2010
    Posts
    4
    Thanks for your thoughts. I am a first time, novice WEB builder. That is why I used iWeb. My site is purely static.
    I think you are absolutely right about the host not having their site properly secured because I can see other people's files who use the same host. i only use Cyberduck as my ftp software and I can go to the root directory of the host and see other people's sites and their files. i didn't think that would be possible, but it is. If I can see others, I am sure others can see mine and hence, infect or hack it. Time to change host, I think.
    Thanks again,
    Regards.

  4. #4

    xstep's Avatar
    Member Since
    Jun 25, 2005
    Location
    On the road
    Posts
    3,231
    Specs:
    2011 MBP, i7, 16GB RAM, MBP 2.16Ghz Core Duo, 2GB ram, Dual 867Mhz MDD, 1.75GB ram, ATI 9800 Pro vid
    When you are viewing your site via Cyberduck, what permissions are you seeing and who is the owner of the files. The owner should be your login account on that host, and the permissions for static items should be 'rw-r--r--'. On folders you'll see 'rwxr-xr-x'.

    Permissions listings have 9 columns. The first three are for the owner, the second three is for shared groups, and the last three are public. The 'r' means read, the 'w' means write, and the 'x' means execute.

    If you have no scripts running on the host, then I think you hosting support person is pulling your leg that your code is the problem. For that to occur, there needs to be an 'in' to your site. A static site doesn't have that. For instance, iWeb does not create any server side scripts.
    CameraTime - Time lapse photography for novice and advanced users.

    When asking questions, post the version of your software. You'll receive better answers.

    Please post your results to the thread as it is good feedback.

  5. #5


    Member Since
    Mar 26, 2010
    Posts
    4
    I have drwxrwxrwx on my account. But the funning thing is I can actually see that there are 4 other accounts with this same authorisation. Whilst most of the other accounts (about 200 of them) have dr-xr-xr-x. But the fact that I can even go into the root directory and see all the files being hosted on the host says to me that this host is not that secure.

  6. #6

    xstep's Avatar
    Member Since
    Jun 25, 2005
    Location
    On the road
    Posts
    3,231
    Specs:
    2011 MBP, i7, 16GB RAM, MBP 2.16Ghz Core Duo, 2GB ram, Dual 867Mhz MDD, 1.75GB ram, ATI 9800 Pro vid
    I would tell the host that the permissions are wrong and ask them to fix them. If they don't, you might be able to fix them with Cyberduck via the Info command. The 'Apply changes recursively' option will apply you selection from the folder you are down the hierarchy. Do a test run on a lower level folder. You want to remove write permission from the 'group' and 'others'.

    If this host doesn't want to fix the problem, then find a new host.
    CameraTime - Time lapse photography for novice and advanced users.

    When asking questions, post the version of your software. You'll receive better answers.

    Please post your results to the thread as it is good feedback.

  7. #7


    Member Since
    Mar 26, 2010
    Posts
    4
    Thanks xstep! I will get the permissions changed. Hopefully that would be the end of this problem.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Have I lost my iWeb/Site?
    By Sl33pyh34d in forum Web Design and Hosting
    Replies: 0
    Last Post: 11-01-2011, 04:02 AM
  2. Iweb not publishing whole site
    By allistairg45 in forum Web Design and Hosting
    Replies: 2
    Last Post: 12-04-2009, 03:14 AM
  3. Showcase your iWeb site
    By v_dash in forum Web Design and Hosting
    Replies: 5
    Last Post: 02-27-2008, 10:36 PM
  4. Getting my iWeb site back....
    By Ulairi in forum Switcher Hangout
    Replies: 0
    Last Post: 02-06-2008, 07:39 PM
  5. Why is iWeb site not looking right
    By greyS60 in forum Web Design and Hosting
    Replies: 9
    Last Post: 10-12-2006, 12:56 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •