Current Website Issues — 14 Comments

  1. Jack, for the first time ever I got a malware warning on your site today where “Google Safe Browsing” in Google Chrome threw up a big warning message and made me ignore the warning to visit the site.

    I wonder if someone hacked your theme to insert malware somewhere in there. Might explain why your theme ate itself.

    It’s really unnerving to get that message because it says in short “visiting this site could get your computer injected with malware”… booooo

    Love your site Jack, hope you get it sorted out soon.

  2. @Mary and Mark, the only thing I could get to toss off a warning was the hostgator banner in IE as an “unauthroized site”, which makes no sense.

    I have also tried brand new versions of the theme and it still doesn’t work.

    It is also not possible that you are getting a warning from the theme being hacked because the theme is now inactive.

    My conclusions is I finally need to get the site moved over to HostGator completely rather than just have the audio and MSB hosted there.

  3. I found an iframe with the offending URL in the code on this older theme. Very strange! I removed it and we seem to be clear now.

    For those that want to know an iframe is an “inline frame” you can use it to call content into a web page and you can set the iframe to be any size in pixels you want. Including something like 1×1 pixels which no one would see. This is a ligitmate technique to call in other data, call in other images, display advertising (amazon does it), display videos (youtube does it) etc.

    Like most legitimate techniques it can be abused you can call in an entire web page, that is what was done with this issue. The offending page actually seems harmless but it needed to be and has been shut down.

    I will be getting TSPs blog and forum moved over to hostgator where the MSB and Audio servers are this coming week.

  4. Seems to be working just fine now Jack, Thanks for the heads up you do not need any more “head’s up” Enjoy your week end, mine just started 🙂

    P.S Great Job. All things take time, take yours.
    Quality has never been a question where you or your name is concerned.

  5. This old them is much better and a lot FASTER than than the newer one. I would keep it until you do further testing.

  6. Jack,

    RE: iframe

    The question remains who put the iframe in? Was it an unauthorized user? Is your login page for WordPress done over https? As someone who just started with WordPress this year, the fact that the default login is done over normal http seems very insecure to me. Once a site has enough traffic it would become a target.

    Or if you have a shell account with the host that runs the blog, the unauthorized user may have logged in to your shell account and modified your theme to put the iframe in.

    Or perhaps the content being loaded in the iframe was compromised.

    I hope you get to the bottom of it.

  7. @Dan http vs https isn’t a function of a program like wordpress or anything similar. It is a function of your web server. If you want an https login for your blog talk to your web host about setting up. There will be some additional costs of course.

  8. Re: Moving to HostGator…

    Gee, like you need something else to do while in the middle of the big Arkansas move! 🙂

    From just one listener’s standpoint… As long as the episode downloads still work, I would not worry about who is doing the hosting. Leave the old theme in place until you get the Arkansas move done, then tinker with it. No doubt the end result will be better when you have time to do it right, rather than rushing through it in the middle of everything else.

  9. @Martin McFly,

    It is bigger than just the theme, the assclown host has also caused a LOT of grief in other ways including the forum, taking over 6 hours to respond to an outage and other such things. It simply has to be done.

  10. Jack thiwsit the thrid or 4th site with this problem I have seen this past week… it seems the only ones with it are survial sites or prepardenss sites I’ve been too… Question is why? Could we have Govnt snopes causing this? or what? Not an conspriacy nut just kind of find this to coincidnetal…James

  11. Jack,
    I had to move to hostgator last week due to crappy security at my old host. I want 5 minutes alone with one of these idiot malware injecting hackers. I don’t understand why people have to try and destroy other people’s hard work. No matter what measures you take, if your host gets compromised, you’re screwed. ASSCLOWNS I SAY!