~~~~~~~~~~~~ IMPORTANT INFORMATION -- Please read! ~~~~~~~~~~~~

1. The "search..." box above searches the Docs & Forum Posts. The "Search" tab above just searches the Forum Posts. :side:
Please use these to search for your issue *before* creating a new message topic, as your issue may have been previously solved.
2. Please put your Club # and Club Web Address in your Forum Signature (best) OR in each post to get faster support from us.
Click here to edit your signature at the bottom of the Profile Information tab.
3. Our user and admin docs are available at: support.toastmastersclubs.org/doc "There's a doc for that!" ;)
4. There is an "Opt In" Feature for newly added members. The Opt In document explains the [strike]strikethrough[/strike] member information. Click Here to View the Post
5. When posting a New Topic , please include all relevant details and be specific. When did your issue 1st occur? What operating system, browser, & browser version are you using? Did you refresh your browser cache? Are your cookies enabled? Lastly, a screen shot is often helpful.
6. Please abide by the Terms of Use . We are volunteers contributing our spare time. We are happy to assist you, so long as you are respectful and courteous.
7. We are always looking for new FreeToastHost Ambassadors to join our team and support fellow Toastmasters in their use of the FreeToastHost website system. If you are familiar with the system and have some interest, send a Send Us a Private Message.

Web Site Infected

More
9 years 2 months ago #56413 by Kanera
Web Site Infected was created by Kanera
Hi there,
I'm the Admin of our Club (#8116) web site.

A few days ago our agenda page has been infected with spam ads when a member tries to add themselves to the agenda, and the site seems to launch ads/warning pages trying to get members to phone an "888" number to 'fix' the issue. These ads are launched when a member clicks the "Sign Up" box beside each role. There is a little green box with an arrow out of the top right corner that sits inside each "Sign Up" box. The "Sign Up" boxes are twice as large as they would be normally.

I've had a number of our members bring this issue up to me. It just happened to me as I tried to investigate member complaints. I shut down the offending pages by using the Task Administrator. The ensuing mayhem shut down Internet Explorer. The next time I logged in, the infection was gone and I could not replicate the infection. I was going to take some screen captures for documentation, but that is not now possible - maybe if it happens in the future. This happened to me at work, where we run 'industrial strength" virus scanners.

It only happens when members loggin, not the administrator.

Anyone else ran into this, and how do I deal with this infection? If it happens to me again - I'll try to provide screen captures.

Thanks,
Joe Kanera
#08116 - Positively Speaking
The topic has been locked.
More
9 years 2 months ago #56414 by Brian
Replied by Brian on topic Web Site Infected
Looks like some one put some ad javascripts in your agenda header. I have removed.
The topic has been locked.
More
9 years 2 months ago #56416 by Kanera
Replied by Kanera on topic Web Site Infected
Thanks Brian. Not sure who would have done that, as I and one other person have access from our club, and we both try to keep things simple.

Again - thank you.
JoeK
#08116 - Positively Speaking
The topic has been locked.
More
9 years 2 months ago #56538 by Kanera
Replied by Kanera on topic Web Site Infected
Hi Brian,

It's happened again - Our agenda for June 8th is infected again with javascript. I tried to find the infection location to remove it, but cannot locate it. Can you have a look and let me know where it is I should be looking? And what to look for?

I had a long talk with our company IT head, and he's absolutely paranoid of these javascripts as they can download a payload and encrypt your hard drive and lock you out unless you pay a ransom. On a company network, that is a disaster.

I went through every page on the WEB ADMIN section and cannot locate any scripting. I'll change the ADMIN password tonight just in case, but only 2 other people have it and none are remotely connected to any computer operations. Our company IT head figures that maybe the main Toastmasters site got hacked where our site resides and could be propogating the script.

Any advice otherwise?

Thanks,
JoeK
#08116 - Positively Speaking
The topic has been locked.
More
9 years 2 months ago #56539 by Brian
Replied by Brian on topic Web Site Infected
Out of 10,800 sites on the server yours is the only one that has this issue.

Some one who has access is adding the script when they are editing the header.
The following user(s) said Thank You: SteveTheTechie
The topic has been locked.
More
9 years 2 months ago #56540 by Brian
Replied by Brian on topic Web Site Infected
How are you creating new agendas?

Are you using a template or are you using a previous meeting?
The topic has been locked.
Time to create page: 0.112 seconds

Copyright © 2025 FreeToastHost 3 Support. All Rights Reserved.