Welcome, Guest
Username: Password: Remember me
Got a Joomla problem? Post as much detail about it as you can here to see if you can get a solution.

Help others in the community - post your Joomla tips and how-tos here.

TOPIC: Suspicious Site Warning - What can I do to remove, repair so this goes away?

Suspicious Site Warning - What can I do to remove, repair so this goes away? 6 years 3 months ago #7159

  • Bwendo
  • Bwendo's Avatar
  • Offline
  • Fresh Boarder
  • Posts: 3
I have just one site out of about 46 that keeps getting suspicious url warnings for prople using Trend security.

I have tried calling them and getting the site taken off the hotlist or whatever it is, but then nothing comes of it.

What do you think I am doing wrong? Is there something I can do to fix the site myself so it just doesn't come on their radar ever again?

Thanks for your feedback. I am sticking with Joomla for this site as I have spent hours trying to learn all Joomla's little tricks and tips, and don't want to pull the pin at this advanced stage.

But would the problem go away if I started a completely new site from scratch and then deleted the old one and moved the new one across to the domain. Or is the domain tainted in general?
The administrator has disabled public write access.

Suspicious Site Warning - What can I do to remove, repair so this goes away? 6 years 3 months ago #7160

  • pjackson
  • pjackson's Avatar
  • Offline
  • Moderator
  • Posts: 111
  • Thank you received: 44
Unfortunately, malware injections happen, and more recently, they're becoming more covert, often placing malicious files in sub folders deep in your site.

I would first suggest you sort your file manager view by date, and see where there are more recently modified files and folders, then check what's in them with those dates. You should be able to match up your installed site with an unpacked version of the Joomla standard install package to see what may not supposed to be there - keeping in mind extra files and folders for components you install may be there.

Reinstalling Joomla over the top of the site to get core files reinstated is another good idea - you can do that easily with Akeeba Admin Tools www.akeebabackup.com

The other main thing I'd recommend is to take the opportunity to go and get your free audit (first audit is free) at www.myjoomla.com. One of it's features is that it will identify files that may not supposed to be on your site, and you can then go and remove them.
Patrick Jackson | Melbourne Australia | Certified Joomla Administrator
linktr.ee/partic
Ask Anything Joomla and I'll helpfully tell you where to go :)
Australian Joomla Community: fb.me/JoomlaAu
The administrator has disabled public write access.

Suspicious Site Warning - What can I do to remove, repair so this goes away? 6 years 2 months ago #7195

  • peter.leslie
  • peter.leslie's Avatar
  • Offline
  • Fresh Boarder
  • Posts: 3
  • Thank you received: 1
Patric suggestions are the way to go.

However what become tainted is not so much your domain - as the IP address associated with the Domain. This been the IP address of the server your website lives on, IP address are more often the issue than domain names (although not 100% of the time)

If you have followed Partic's suggestions and are certain you have no malicious files on your site. Then you need to ask your web hosting computer to
a) move you to another server with another IP address
b) get them to submit a request to Trend security to remove the block - generally the OWNER of the IP address has be the one to initiate these removal requests.
c) move web hosting companies - if the above don't work

also be away that on a shared web host server - another site could be the cause of the corruption/malicious code - but because your website shares the same IP address - you are both tarred with the same brush.
The administrator has disabled public write access.

Suspicious Site Warning - What can I do to remove, repair so this goes away? 6 years 2 months ago #7196

  • pjackson
  • pjackson's Avatar
  • Offline
  • Moderator
  • Posts: 111
  • Thank you received: 44
Out of curiosity Bwendo, has your site's issue been resolved? What did you eventually do to find the issue?
Patrick Jackson | Melbourne Australia | Certified Joomla Administrator
linktr.ee/partic
Ask Anything Joomla and I'll helpfully tell you where to go :)
Australian Joomla Community: fb.me/JoomlaAu
The administrator has disabled public write access.
Time to create page: 0.097 seconds
Powered by Kunena Forum