Muse site keeps getting hacked and spammed.

Explorer ,
Mar 20, 2017 Mar 20, 2017

Copy link to clipboard

Copied

Hi all,

How can I add security to my muse website to stop it being targeted by spammers?

A website I've made with Muse keeps getting hacked and spam content gets inserted into the files so it shows up on Google search results and also in embeds when I try and reference the URL.

See attached example:

Screen Shot 2017-03-20 at 14.04.13_Spam.jpg

I contacted the hosting provider and they assured me their servers are secure.

They also say that there is no security on my site and that is the problem...

Screen Shot 2017-03-20 at 14.16.19_support.jpg

The first time this happened I changed my FTP password and hosting login details.

I removed ALL files from the hosting server and re-uploaded the entire site fresh from Muse. This solved the problem for about a few weeks, but then it happens again (even with new passwords).
So this must be a problem with the security of the HTML files Muse is creating or widgets on the page? (I have a few widgets from Musethemes.com).
How can I make the files secure or add security to the website and stop the spam?

* I'm a designer not a developer with very limited knowledge of code. 😕

Thanks in advance.

Robbie.

Views

1.4K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct Answer

Adobe Community Professional , Mar 20, 2017 Mar 20, 2017
So this must be a problem with the security of the HTML files Muse is creating
Not at all. They are just files.
widgets on the page?
Could be, but this is questionable at best. Without knowing what widgets you used, nobody can tell you much, anyway.The rest is between you and your provider, but to be blunt, I don't think that cheap & dirty hosting services like 123Reg, GoDaddy and a few others are particularly trustworthy. In any case, at least reset your virtual hosting space on the server configu...

Likes

Translate

Translate
Adobe Community Professional ,
Mar 20, 2017 Mar 20, 2017

Copy link to clipboard

Copied

So this must be a problem with the security of the HTML files Muse is creating

Not at all. They are just files.

widgets on the page?

Could be, but this is questionable at best. Without knowing what widgets you used, nobody can tell you much, anyway.

The rest is between you and your provider, but to be blunt, I don't think that cheap & dirty hosting services like 123Reg, GoDaddy and a few others are particularly trustworthy. In any case, at least reset your virtual hosting space on the server configuration backend and re-initialize it completely from scratch with fresh passwords.

Mylenium

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Jun 16, 2017 Jun 16, 2017

Copy link to clipboard

Copied

I too am having this EXACT problem and got the same BS answer from 123 Reg. How did you rectify the issue?

-M

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 20, 2017 Jun 20, 2017

Copy link to clipboard

Copied

I sorted this issue at the beginning of this month by deleting ALL the files on the web server, and re-uploading the files created by Muse. This fixed the issue, but I just checked today and the same problem has appeared and 'YES' it's 123-Reg also.

If you use Google Webmaster Tools, you can actually see the problem, by performing the Fetch as Google function, the GoogleBot sees the suspicious site, before it sees the actual site.

.GoogleBot.PNG.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Jun 20, 2017 Jun 20, 2017

Copy link to clipboard

Copied

EXACTLY the same problem presented in the same way too

I am consulting with a web security firm as to how to rectify this. The possibility of weak code from Muse has also been suggested by the consultants as a way they have gotten in. Hundreds of Euros to correct this problem and safeguard against it.

"100% malware code is injected to core file of your website, it filters traffic from google server and from visitors. For google traffic it shows different content (black SEO)... Weak code or bug, or maybe hacker has access to admin area or you host multi sites on the same hosting account and each website has full access to each other. Without analyze it's hard to say what is the reason."

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jul 25, 2017 Jul 25, 2017

Copy link to clipboard

Copied

I've had exactly the same problem. Using Muse and 123 Reg and after a few months each time finding my site hacked. It must have happened about six times. I tried changing passwords making them impossibly hard and cleaning out the files and uploading and notifying google console/fetch the site was clean again.

I am now certain the hack was going through the scrolling images widget on the front page of the site. It's my only widget on the site. I have taken the scrolling images widget out and now have a static image and I've not been hacked for six months now. It's probably that the widget originated from a very early version of Muse. I'm just relieved I don't find every few months my google rating go right down and my site with weird text selling Spanish sportswear, sunglasses and the like.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Enthusiast ,
Jul 25, 2017 Jul 25, 2017

Copy link to clipboard

Copied

I have had to employ site security at 600 Euros a year to protect my five websites against this sort of intrusion now.

I also tried INSANE passcodes made of nothing but numbers, random letters and symbols and it still kept happening. I didn't even have scrolling image widget and still got it! Repeatedly cleared FTP , etc exactly as you described and was repeatedly attacked.

Mine were replica Rolexes. Fake NBA jerseys from China and all sorts of tat.

After employing the security team, all but one of my sites were clean. I was attacked once more, and pointed this out to them; which they promptly rectified and put a special watch on that particular site. It also happened to be the one that got the most traffic.

It's definitely a leak or weakness in a code / php SOMEWHERE from Muse that's letting them in; of that I am sure.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Aug 01, 2017 Aug 01, 2017

Copy link to clipboard

Copied

Oh well. I thought the removal of the scrolling image fixed the spamming as I was clear for six months but I just got spammed again on my Muse site on 123-Reg.

Back to the drawing board with a complete clear out of files on server, notify google console and change passwords. The next step will be to change web host provider.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Aug 13, 2017 Aug 13, 2017

Copy link to clipboard

Copied

LATEST

I had the same problem. The contact form widget is an easy in for bots to bypass and gain direct access to your ftp. Since I removed my contact forms and only use clickable email (mailto:) links, I've had no more hacks. I think contact forms generally are easy ins on most platforms.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines