Website Security Issues

A cure for all your hardware/software ailments.

Moderators: SCUMBAG, INKoRP, spud, GURU, Clan Leader

User avatar
Saratoga
Clan Leader
Posts: 1774
Joined: Tue Oct 03, 2006 10:20 pm

Website Security Issues

Postby Saratoga » Tue Jun 26, 2018 2:47 pm

Heya's fraggerz, taxdodgers and code pirates...

Im making a WP site for a friend and having some security issues/shiz.

A couple friends checking it out (testing) have said their ips blocked them or reported as malicious.... others had zero issues and successfully used every booking/reservation component.

Ive been using Virustotal.com and made progress thus far , but cant sort this last bit as to why or where from this other server shiz is from... that is in the return header.

Like that server IP ? - WTF did that come from ?
Site is hosted on Hostgator... is like the 10th-12th site I've done... never had this before.

Yes, ive done the disable plugins, changed themes, changed WP install directory, changed themes again...

Of course a css haxaround is a suitable resolution i'de take on board if you can haxitup.
(n00b me limited to basic css skilz.... still - roflz)

Any Ideas ???

Cheers
Toga
-------------------------------------------------------------------------
HTTP Response
Final URL
http:// *hidden by Toga for privacy - please pm for url if req.
Serving IP address
50 dot 87.149.43
Status code
200
Body length
91.25 KB
Body SHA-256
6e789f75ac5fa2e0ad90961ba13acdfe48920550301d23729d1b2d5c24f593b8
Headers

connection: keep dash alive
content / type: text = = = html; charchoalset=UTF-8
date: Tue, 26 Jun 2018 04:05:50 GMT
server: n g i n x / 1 . 14.0 -spaces between characters
transfer-encoding: chunked
In Loving Honour & Memory of =PiT= Baldrick
><((((º>`·.¸¸.·´¯`·.¸.·´¯`·.¸.·´¯`·.><((((º>
Quote="SCUMBAG" Yes Baldy was a fuckin legend and will always live on here !! =etouQ

User avatar
Saratoga
Clan Leader
Posts: 1774
Joined: Tue Oct 03, 2006 10:20 pm

Postby Saratoga » Tue Jun 26, 2018 2:48 pm

Hehehe.... didnt like the content.
Had to do the highlighted edits to make post.
In Loving Honour & Memory of =PiT= Baldrick

><((((º>`·.¸¸.·´¯`·.¸.·´¯`·.¸.·´¯`·.><((((º>

Quote="SCUMBAG" Yes Baldy was a fuckin legend and will always live on here !! =etouQ

User avatar
INKoRP
Posts: 1870
Joined: Fri Feb 10, 2012 1:43 am
Location: Perth
Contact:

Postby INKoRP » Tue Jun 26, 2018 5:11 pm

Can you get them to send screenies of exactly what their browsers are saying? Be sure to include the address bar and any part of the UI that deals with SSL (Securtiy Certs or Padlock icon etc)

User avatar
Saratoga
Clan Leader
Posts: 1774
Joined: Tue Oct 03, 2006 10:20 pm

Postby Saratoga » Tue Jun 26, 2018 5:24 pm

Ive not setup a SSL... the only screenie is from a phone
Attach853_20180626_090758.jpg

I'll pm you the full url
In Loving Honour & Memory of =PiT= Baldrick

><((((º>`·.¸¸.·´¯`·.¸.·´¯`·.¸.·´¯`·.><((((º>

Quote="SCUMBAG" Yes Baldy was a fuckin legend and will always live on here !! =etouQ

User avatar
INKoRP
Posts: 1870
Joined: Fri Feb 10, 2012 1:43 am
Location: Perth
Contact:

Postby INKoRP » Tue Jun 26, 2018 5:38 pm

I'm almost 100% sure it's because of the lack of SSL Certification. If they click that "not recommended" option it should let them see it. It's likely a default browser security setting that stops you accessing sites that don't encrypt data you send to it (Like smaller newer sites etc.)

For the record it opened fine on mine, no issue other then an FYI from the browser about the SSL Cert. (It didn't hit Red Alert :D)

User avatar
INKoRP
Posts: 1870
Joined: Fri Feb 10, 2012 1:43 am
Location: Perth
Contact:

Postby INKoRP » Tue Jun 26, 2018 5:41 pm

Firefox and Chrome open it fine, Explorer had a meltdown but by clicking the same thing Disregard thingo I mentioned earlier it went through fine.

User avatar
INKoRP
Posts: 1870
Joined: Fri Feb 10, 2012 1:43 am
Location: Perth
Contact:

Postby INKoRP » Tue Jun 26, 2018 5:46 pm

As a rule of thumb not using SSL is a bad idea, expecially if you're internet bacnking etc where sensitive data is being passed back and forth, but if you're sure of the source/data like that most likely is it's fine.

User avatar
INKoRP
Posts: 1870
Joined: Fri Feb 10, 2012 1:43 am
Location: Perth
Contact:

Postby INKoRP » Tue Jun 26, 2018 5:55 pm

I think I can pay ~$90AUD for SSL Cert. for my site but it's not worth it for me.

User avatar
Saratoga
Clan Leader
Posts: 1774
Joined: Tue Oct 03, 2006 10:20 pm

Postby Saratoga » Tue Jun 26, 2018 6:22 pm

Yer... ok.
Is that SSL $90/year ? or is a once off thingo ?

No financial transactions on website. Only basic contact data for bookings.
Feel free to make a test booking... obviously I can delete it.

The owners friend freaked and squealed about "Malicious & Phishing" warnings when blocked, when she tried... so did my sister from USA.

Am still a bit concerned that 6/68 engines on virulstotal have flagged it....
AutoShun - Malicious
Emsisoft - Phishing
Fortinet - Phishing
G-Data - Phishing
Malware Domain Blocklist - Malicious
Sophos AV - Malicious

I suppose I could raise the issue with them individually and see what shiz hitz...

The next, and hopefully last drama, will be migrating & directing her domain name to my WP install.
(Building and hosting as a favour for teh wifey..... gah - I can see this will be a never ending round of website updates/styles/layouts/pics/functionality etc..)

Cheerz-n-Beerz Inky :D
In Loving Honour & Memory of =PiT= Baldrick

><((((º>`·.¸¸.·´¯`·.¸.·´¯`·.¸.·´¯`·.><((((º>

Quote="SCUMBAG" Yes Baldy was a fuckin legend and will always live on here !! =etouQ

User avatar
INKoRP
Posts: 1870
Joined: Fri Feb 10, 2012 1:43 am
Location: Perth
Contact:

Postby INKoRP » Tue Jun 26, 2018 6:56 pm

I never really finished looking into it so I'm far from a full bottle on SSL. It was a service my web host offered. It can vary greatly who you go through and what the requirements may be, definitely shop around, fairly certain you can get them for a reasonable price if there's no way around it. The expire so usually the cost would be based on when that happens.

The whole 'phishing' aspect is mostly scare-tactics to ward the uninitiated from plugging in bank details and passwords into dodgy websites where their traffic may be sniffed or monitored en route. But if you know the traffic's origin etc, it sounds like overkill.

I'd guess that the bigger deal the browser makes about it the more secure they can advertise themselves as being. While they're not technically wrong it's mostly easily ignored if you're careful.

P.S. Made a booking :D

P.P.S. Some info to make it not so scary: https://support.mozilla.org/en-US/kb/mi ... =inproduct

User avatar
INKoRP
Posts: 1870
Joined: Fri Feb 10, 2012 1:43 am
Location: Perth
Contact:

Postby INKoRP » Tue Jun 26, 2018 6:58 pm

Domain pointing to your WP install shouldn't be hard at all.

User avatar
blink
Admin
Posts: 1072
Joined: Tue Oct 03, 2006 8:12 pm
Location: Perth
Contact:

Postby blink » Wed Jun 27, 2018 2:21 am

Hey toga,

Normally your webhost will have a feature to enable HTTPS/SSL (some offer it for free, but looks like Hostgator charge $20/yr)

...However it looks like your site was explicitly reported for phishing, so I doubt enabling HTTPS will change that. Are you sure your site wasn't compromised? I would think about resetting your passwords and do a fresh WP install, making sure none of the old files are still there, and then report that the website no longer contains any threats.
You and your red fabric robe, glasses and peace pipe in your mouth for that damned split second!

User avatar
Saratoga
Clan Leader
Posts: 1774
Joined: Tue Oct 03, 2006 10:20 pm

Postby Saratoga » Mon Jul 02, 2018 12:32 am

Cheers Inky & Blink... posted more in clan section.
In Loving Honour & Memory of =PiT= Baldrick

><((((º>`·.¸¸.·´¯`·.¸.·´¯`·.¸.·´¯`·.><((((º>

Quote="SCUMBAG" Yes Baldy was a fuckin legend and will always live on here !! =etouQ


Return to “Spud n GURU's Tech Topics”

Who is online

Users browsing this forum: No registered users and 1 guest