Lost 70% traffic from google and caught that it is happening due malitious redirects to filestore . info
Will try this solution
Originally Posted by painthappy
No offense, but the support for this has been really sad here. I mean, instead of just pointing to a jumbled mess of a thread where people are trying to figure it out. How about a concise thread with all the fixings? I realize it is not vbseo's fault, but since it directly effects vbseo, and all the vbseo customers could potentially have this problem, having a concise thread would be nice.
Anyhow... Here's what I've gathered as I am also having this issue.
WHAT YOU MIGHT READ...
Many of the yahoos here want you to chmod 755 any writable directory. But what they fail to realize is that your signaturepics and customavatars directory must be 777 for people to upload. I read that far too often in that other thread.
WHAT YOU MUST DO...
Is add an .htaccess file to every writable directory that someone can upload photos into.
RedirectMatch 404 .*php\.
The other code for .htaccess I've read is this one
<Files ~ "\.(php\d*|cgi|pl|phtml)$">
deny from all
Not sure which one is more correct at this point, but both should work. Most folks have been going with the second one.
Thankfully .htaccess has a recursive effect, so if you put it in the offending directories, that should solve the issue.
The directories you need to add this file to is:
Reupload the crawlability_vbseo.xml file as a product. This will clear out the cache and fix your site immediately... As long as nothing else has been compromised.
I would say disallow uploads to your server. At least break it up. Have a different usergroup for premium members, or however you break it out on your site, and allow them to upload files. But keep the uploads only to them, not to the new folks and spammers.
If you're allowing uploads to the new members, you're keeping yourself open to this type of attack.
Remove any evil .gif files off your server
To do this, ssh to your server and run this command: