O Gato Hobby Posted September 5, 2013 Share Posted September 5, 2013 Hi, When I open my website www.ogatohobby.com (prestashop 1.3.1) it goes to sites like this ones: http://ot90xs2201beb8h01zcqfgi.bilzen-oost.be/index.php?s=b2ZqaGlzcD1jbXl3YXNtJnRpbWU9MTMwOTAzMDU1OS02NTI4NjMzNDQmc3JjPTI4MCZzdXJsPW9nYXRvaG9iYnkuY29tJnNwb3J0PTgwJmtleT0xQ0ZGRDBBNiZzdXJpPS9iYWNrdXBjb25maWcvaW5kZXgucGhwhttp://pz71g7tug5vpujun1aasm7f.binnendeur-prijzen.nl/index.php?m=cWp5amN3PXNpJnRpbWU9MTMwOTA1MDQzOS03OTg0OTgwMzEmc3JjPTI4MCZzdXJsPW9nYXRvaG9iYnkuY29tJnNwb3J0PTgwJmtleT1EM0MwREJEMyZzdXJpPS9iYWNrdXBjb25maWcvaW5kZXgucGhw It doesn't happen all the time. Around only 1 time in 20. It happens when I goes to the back office, but also happens in the front office so I don't know where I can look. Have any clue? Thanks in advance Link to comment Share on other sites More sharing options...
Dh42 Posted September 5, 2013 Share Posted September 5, 2013 You site more than likely has been hacked or you have a virus on your computer. Scan your computer first and if it still does it you will have to investigate your site. Link to comment Share on other sites More sharing options...
vekia Posted September 5, 2013 Share Posted September 5, 2013 I checked your website and everything works fine there. i suppose that problem is in your browser (or computer as Dh42 suggested) make sure that your PC isn't infected and check your browser for unwanted plugins Link to comment Share on other sites More sharing options...
O Gato Hobby Posted September 6, 2013 Author Share Posted September 6, 2013 Hi, Thanks for the replies. The problem isn't from the computer because it happens also in others computers (see by myself). And I've got also some clients that have seen this too. Unfortunaly it doesn't happen all the time so I don't know where to look. Link to comment Share on other sites More sharing options...
Dh42 Posted September 6, 2013 Share Posted September 6, 2013 If you want to send me the ftp information for your site I can check it out. PM me with it if you want. Link to comment Share on other sites More sharing options...
zakarpakar Posted September 6, 2013 Share Posted September 6, 2013 Hi, Thanks for the replies. The problem isn't from the computer because it happens also in others computers (see by myself). And I've got also some clients that have seen this too. Unfortunaly it doesn't happen all the time so I don't know where to look. Does it redirect from any perticular link or from a plain url as well. Link to comment Share on other sites More sharing options...
O Gato Hobby Posted September 6, 2013 Author Share Posted September 6, 2013 Does it redirect from any perticular link or from a plain url as well. It goes to sites like this ones: http://ot90xs2201beb...WcvaW5kZXgucGhw http://pz71g7tug5vpu...WcvaW5kZXgucGhw Link to comment Share on other sites More sharing options...
Dh42 Posted September 6, 2013 Share Posted September 6, 2013 This is happening on multiple machines? I have checked your site and I don't see anything that would indicate that the site is infected with anything. the php and js files haven't been edited since 2011, which is how a virus would work. I think it might be a tool bar or plugin on your local machine. Have you recently run a virus scan? Link to comment Share on other sites More sharing options...
O Gato Hobby Posted September 6, 2013 Author Share Posted September 6, 2013 This is happening on multiple machines? I have checked your site and I don't see anything that would indicate that the site is infected with anything. the php and js files haven't been edited since 2011, which is how a virus would work. I think it might be a tool bar or plugin on your local machine. Have you recently run a virus scan? The problem happens in multiple machines. And my computer is clean. Link to comment Share on other sites More sharing options...
PrestaHeroes USA Posted September 6, 2013 Share Posted September 6, 2013 can you post your .htaccess file? this may also be a hosting issue, have you contacted them? Link to comment Share on other sites More sharing options...
O Gato Hobby Posted September 6, 2013 Author Share Posted September 6, 2013 can you post your .htaccess file? this may also be a hosting issue, have you contacted them? I have this: # .htaccess automaticaly generated by PrestaShop e-commerce open-source solution # http://www.prestashop.com - http://www.prestashop.com/forums # URL rewriting module activation RewriteEngine on # URL rewriting rules RewriteRule ^([a-z0-9]+)\-([a-z0-9]+)(\-[_a-zA-Z0-9-]*)/([_a-zA-Z0-9-]*)\.jpg$ /img/p/$1-$2$3.jpg [L,E] RewriteRule ^([0-9]+)\-([0-9]+)/([_a-zA-Z0-9-]*)\.jpg$ /img/p/$1-$2.jpg [L,E] RewriteRule ^([0-9]+)(\-[_a-zA-Z0-9-]*)/([_a-zA-Z0-9-]*)\.jpg$ /img/c/$1$2.jpg [L,E] RewriteRule ^lang-([a-z]{2})/([a-zA-Z0-9-]*)/([0-9]+)\-([a-zA-Z0-9-]*)\.html(.*)$ /product.php?id_product=$3&isolang=$1$5 [L,E] RewriteRule ^lang-([a-z]{2})/([0-9]+)\-([a-zA-Z0-9-]*)\.html(.*)$ /product.php?id_product=$2&isolang=$1$4 [L,E] RewriteRule ^lang-([a-z]{2})/([0-9]+)\-([a-zA-Z0-9-]*)(.*)$ /category.php?id_category=$2&isolang=$1 [QSA,L,E] RewriteRule ^([a-zA-Z0-9-]*)/([0-9]+)\-([a-zA-Z0-9-]*)\.html(.*)$ /product.php?id_product=$2$4 [L,E] RewriteRule ^([0-9]+)\-([a-zA-Z0-9-]*)\.html(.*)$ /product.php?id_product=$1$3 [L,E] RewriteRule ^([0-9]+)\-([a-zA-Z0-9-]*)(.*)$ /category.php?id_category=$1 [QSA,L,E] RewriteRule ^content/([0-9]+)\-([a-zA-Z0-9-]*)(.*)$ /cms.php?id_cms=$1 [QSA,L,E] RewriteRule ^([0-9]+)__([a-zA-Z0-9-]*)(.*)$ /supplier.php?id_supplier=$1$3 [QSA,L,E] RewriteRule ^([0-9]+)_([a-zA-Z0-9-]*)(.*)$ /manufacturer.php?id_manufacturer=$1$3 [QSA,L,E] RewriteRule ^lang-([a-z]{2})/(.*)$ /$2?isolang=$1 [QSA,L,E] # Catch 404 errors ErrorDocument 404 /404.php I will contact my host supplier too Link to comment Share on other sites More sharing options...
Dh42 Posted September 6, 2013 Share Posted September 6, 2013 There was nothing out of the ordinary with the htaccess file, here is a shot of it. http://screencast.com/t/immVKwrGK6 I can't see anything out of the ordinary on the whole site. None of the js files have been edited in years, none of the php files have either. The only thing I saw that I am not familiar with was a cookie header in the php files. Here is the snippet header('P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"'); But it looks to have been in them for a few years. 1 Link to comment Share on other sites More sharing options...
O Gato Hobby Posted September 6, 2013 Author Share Posted September 6, 2013 There was nothing out of the ordinary with the htaccess file, here is a shot of it. http://screencast.com/t/immVKwrGK6 I can't see anything out of the ordinary on the whole site. None of the js files have been edited in years, none of the php files have either. The only thing I saw that I am not familiar with was a cookie header in the php files. Here is the snippet header('P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"'); But it looks to have been in them for a few years. Thanks a lot. I will contact to see if it's an hosting issue. Link to comment Share on other sites More sharing options...
O Gato Hobby Posted October 26, 2013 Author Share Posted October 26, 2013 Hi,It was an hosting issue. We change to a new server and the problem was solved. Thanks Link to comment Share on other sites More sharing options...
Recommended Posts