As an advocate of eLearning, I’ve been trying to maximize the use of technology for teaching. Since, I’m not that active in the academic circle recently, as a service, I decided to put up an online forum for us in the business of language studies and research and that was the English Studies Forum.
Despite the meager membership (mostly BAES seniors from our department), it served its purpose of idea and resource sharing. Too bad, even such an innocent effort can be knocked out by web baddies. The site suffered from a hidden iframe injection attack three days ago and Google and Firefox decided to flag the site as a malware site.
It was my first time to encounter such a problem and since I’m only have a wee bit of savvy when it comes to these things, I had to research about the matter. Found out that quite a lot of SMF, WordPress and Joomla sites have been affected by this malware and most “expert” opinion say that this is primarily a hosting problem.
Stumbled upon Dasient and used it to find the isntances code. I then deleted all instances of the flagged code across the files and changed all the passwords (FTP, SMF CMS, and DB) and still, the iframe codes were being injected again after a few hours. I tried reinstalling SMF as well to be sure, but the code keeps getting injected.
This resulted in failing Google’s badware review every time so I just decided to take down the SMF site and replaced it with a static HTML page just to pass Google’s review. As of this morning, Google has finally found the site clean.
This leaves me wondering what I’d do with the site now. Since I own the domain, I do have several options. I can create a new forum and just re-upload a backup of the database or I can consider other site scripts and site types. Putting up a collaborative blog is also a possibility.
Still, I told my hosting provider to check their servers and reassure me of security before I do anything about it. Else, I might have to ditch their service and move the site to my other hosting provider which has had a good track record. (As I’ve said, I never encountered this issue before).
Now this leads me to re-evaluate my own web “infrastructure” investments as well. I currently have five websites running including this blog that are hosted across three hosting providers. I’ve been meaning to consolidate them under one hosting (perhaps a larger capacity host that allows unlimited add-on domains or even a reseller or VPS account).