Hacked MediaWiki
|
|
If you own a wiki site and specifically use Mediawiki, you may have some vulnerability towards hackers. At the top of the picture to the left is how the web-bot sees the normal homepage of a website. The bottom two is how the web-bot sees the hacked home pages of the website. The web surfers can't see what the web-bot sees. So to him/her your site looks normal. However, search engines like google will start showing on the search engine results that your site is "hacked". People will not click on your site's link. Even if you rank at the top 10 of the search results. Most likely the hacker managed to hack into your site via ftp or cpanel because this type of hacking is not done via user log-in. Spamming via user-login is easy to detect because the wiki keeps a record of every page created with a history. Make sure that you secure you server passwords, cpanel, and ftp passwords. In this case the attack was directed towards the root index.php of the wiki. When the index.php is hacked all the pages in the wiki are affected. In other words if you have 250,000 pages in your wiki, all of them are affected. They will show on search results from google with a warning label saying that your site is "hacked" |
|
|
The next step is to use your google webmaster tool and fetch the affected page. Once that is done you will see the hidden or cloaked codes within the page. Usually links to other sites for commercial purposes.
The picture to the left shows some of the links that the cloaked codes reveal. If you do not correct this, the number of visitors to you via search engines will drop to nothing. |
|
| |
|
The picture above is that of a hacked index.php of the wiki. The index.php file always starts with a
All the codes above this are the hacker's codes.. You need to delete those malicious codes. |
Always secure your passwords.