My one site, flamehtmlstudios.com, had some iFrame thing at the end of the code (after the </html>) that was obviously spam because Norton picked up an intruder as soon as the page loaded. It wasn't in the original page, so I reuploaded it and it's gone now.
Weird?

To make matters weirder, my other site isn't even working. alexjewell.com - Nothing on that server is working. Problem loading page! I also can't connect via FTP to it.

This is so messed up!

FYI: This is the wrong forum to post this kind of thread in (just for future reference).

The alexjewell.com issue seems to be that the server is down. I can't ping them, or connect to them whatsoever. As far as the first thing in your post, I didn't notice anything in there that seemed odd (as far as the iframe thing.)

Testing, I couldn't figure out which forum to post it in. I decided upon the lounge, because it looked safe. Haha. It's not really a coding issue, you know?

Anyway, as I stated above, I reuploaded index.php and the code disappeared. What I found strange was that it was there in the first place!

Could have been a hacker attack on your server, I have had that before on some of my other "less secured" servers.

Also,



I decided upon the lounge, because it looked safe


This isn't the lounge, it is the Feedback and Annoucements forum. That's why I posted the FYI thing.

Why would someone take time to hack my sites? What would they gain? It's not like I get much traffic or anything. Should I change my username and password?

Also, why would the server be down?

The server could be down for many reasons. ISP problems, server maintenance (spelling?), etc. As far as the hacking of the site, it could be just that it was somebody messing around with a new toy or something and just hacked the server (and all the sites on it). Then again, it might not have been a hacking attempt. These are just a few items.

Alright. Thanks.

I hope it comes back up soon. This is driving me crazy.

Who's your web host Alex? The iframe injection you just described is definitely a successful hacking of your server. Basically the hacker injects an iframe on your site that loads a malicious page that attempts to steal passwords or other illegal activities using exploits in browsers (such as IE). By injecting an iframe and serving up the malicious page that way, most visitors won't even know what's going on.

I'd contact your host immediately and tell them that your server has been compromised, and be descriptive on what exactly happened. I think any competent web host will immediately know of the iframe hack. Usually it's caused by some insecure module on your server, such as within cPanel I believe. Either way, you got to act, as you're putting your visitors at risk.

Spyware can also be responsible for this sort of thing. You should probably have tested the site on another computer to check if the iframe still appeared.

I use ucvhost (www.ucvhost.com)

I was going to, but they weren't online last night and they don't give a phone number for shared hosting. You have to have dedicated hosting to be able to call them.

Spyware can also be responsible for this sort of thing. You should probably have tested the site on another computer to check if the iframe still appeared.

It's possible, though what Alex described fits perfectly the "iframe" hack that was very widespread last year, but seem to have died down when servers began to caught up to the cause (some insecure module in Linux or cPanel I can't remember).

Alex, did you install any 3rd party server side scripts on your account, such as a chat script? If not, then the problem definitely is with some module that can preinstalled with your server account, and you need to let your web host know that. If the later, the good news is you could just move to a more secure host, and the problem should go away. If the former, you'll need to hunt down just what script you've installed is the culprit.

Might also be a forum. Forums are an easy way in if the hacker can access them.

server maintenance (spelling?)
Correct.

This isn't the lounge, it is the Feedback and Annoucements forum.

Yes it is.

I posted that before ddadmin moved the thread. Before, it was in the Feedback and Announcements forum.