Site hacked

Aleet's picture

Hello, I have a 4.7.11 site that is suddenly displaying rotating ads below the footer: http://projectharambee.org/

I didn't find anything changed in index.php in the root and page.tpl.php in the bluemarine theme folder.

The code for the ad does NOT show up in the source code of the page output. I don't understand how that is possible.

Would you please suggest what else to check and how to prevent this from happening in the future?

(If this is not the right group for this request, please let me know which group I should post for help. This group is what I found when searching for "security".)

Comments


proindustries's picture

Sorry to hear about the compromise. I'm not seeing the ads, but maybe you fixed that.

Honestly, I don't think you're going to get a lot of sympathy from folks when you're running a version of Drupal that came out 5 years ago...unfortunately vulnerabilities are constantly found (either by good guys or bad guys) in software packages and updates are released several times a year.

The short answer to preventing a compromise in the future is to upgrade the site to Drupal 7 and the latest modules, and then configure the site to email you when new software updates are released that need to be applied to the site. That'll fix probably 95% of potential issues.

Good luck!

site not hacked / upgrades

Aleet's picture

Hi proindustries,

Thank you for your response. Turns out the site is not hacked. Finally figured out the banner ads are placed there by a Chrome Extension called "Send with Gmail", which I am uninstalling.

About upgrading:

I've had this discussion before. Drupal upgrades are painful, risky, time-consuming. I have spent so much of my life trying to get upgraded sites to look and function the same way as before - and almost always never succeeded totally.

Just saying one needs to upgrade to Drupal 7 is technically correct. But you know all the work involved, upgrading incrementally to reach 7. What about the theme that needs to be replaced and edited to look like the earlier version? What about all the extensions that probably won't be available?

I know Drupal pros who probably could do all this in a matter of a couple of hours or less. But I and many others who use Drupal are not in that league.

So I just upgrade important, paid sites. This one happens to be a freebie I made for a non-profit, whose owner promptly turned it into a nightmarish jungle with all those colored fonts, etc.

I hope this discussion applies to this group. Upgrades are necessary and very beneficial. But for heavily customized sites and for certain people like myself who are not Drupal pros, it can be a hellish experience and better to avoid.
