
Resolved web site hacks

klockstone

New Pleskian
I've come across 2 holiday accommodation web sites that seem to be compromised by gaming equipment ads. To see this, Google on 'Malston Mill' and 'Dittiscombe'. Both have the correct link in to their sites, but the short description has nothing to do with them. Click on the 3 dots and you'll see their caches have been taken over by the advert.

Does anyone know how this exploit works and if the Plesk system is resistant? How do you get rid of this?

DuckDuckGo and Mojeek don't seem to have the same problem.

Keith Lockstone
 
I see no indication that those websites are running on a server with Plesk; they appear to be running on servers with a different control panel.
So Plesk most likely has no relation to those websites.
Note: Both websites are running WordPress, so the hack was very likely made through outdated/insecure WordPress installations and/or plugins.
 
I looked at the source and Malston Mill seems to be running WordPress 4.9.22 and Dittiscombe WordPress 5.6.10. Both have been compromised.

I've notified both (I know one of the owners) but have had no reply so far.
 