0

I have an issue with my website, when visitors try to access it shows the deceptive site ahead warning I used google search console to try to fix it (as I successfully did it previously with some others sites) but I'm still not able to get rid of it. Usually what I see, is some weird subdomains that have been created in my cPanel, or suspicous/malicious files or repertories that have been created. And google search console comes in handy by pointing at the paths of theses threats so i can remove them and ask google to re-check, and they remove the warning. I also change the password, and setup a wordpress firewall plugin.

But for this time, the paths and subdomains google search console revealed were malicious didn't exist at all, or at least i couldn't find it on my cPanel. So can't remove it.

Here are the links google spotted (I replace the real domain with "my-domain.org"):

http://conto-corrente-per-cliente.my-domain.org/
http://conto-corrente-per-cliente.my-domain.org/wifi
http://conto-corrente-per-cliente.my-domain.org/wifi/
http://conto-corrente-per-cliente.my-domain.org/wifi/6b1412de29fe823ed0da13270d3f806c
http://conto-corrente-per-cliente.my-domain.org/wifi/6b1412de29fe823ed0da13270d3f806c/
http://conto-corrente-per-cliente.my-domain.org/wifi/6b1412de29fe823ed0da13270d3f806c/login/
http://conto-corrente-per-cliente.my-domain.org/wifi/f94a185ab2085bb9e5c964f8cb6cb537
http://conto-corrente-per-cliente.my-domain.org/wifi/f94a185ab2085bb9e5c964f8cb6cb537/
http://conto-corrente-per-cliente.my-domain.org/wifi/f94a185ab2085bb9e5c964f8cb6cb537/login/
http://seguro-link-banca-https-vdf.my-domain.org/
https://conto-corrente-per-cliente.my-domain.org/wifi/ebc823987d11fb1c7c3ac82a4483bcf0
https://conto-corrente-per-cliente.my-domain.org/wifi/ebc823987d11fb1c7c3ac82a4483bcf0/
https://conto-corrente-per-cliente.my-domain.org/wifi/ebc823987d11fb1c7c3ac82a4483bcf0/login/
https://my-domain.org/

Any help would be appreciated. Also I'd like to know what are all the possible ways for hackers to do this apart from knowing your password ? And how to protect my self to never experience this again.

Xsmael
  • 103
  • 2
  • 1
    Does the subdomains you don't recognize resolve? What is your *actual* domain name? – vidarlo Jun 11 '22 at 19:31
  • @vidarlo How do I check if they resolve? At least when I try to load them with the browser it doesn't work. Is it safe to actually publish my domain here? I see that people usually hide their IP/domains when posting. – Xsmael Jun 11 '22 at 20:34
  • 2
    It's not a security risk. You're already exposing them to the internet. It may or may not be a public relations-risk, but unless you're a well known brand the fall out is not likely to be significant. – vidarlo Jun 11 '22 at 21:12

0 Answers0