[Hh#40579] Chinese Website Showing Instead Of My Website

[HelioHost]

Hi,

 

I have just loaded my website up from Bing and have received a website in Chinese that is not my website. Also when Google Bot and Bing Bots from Google Webmaster and Bing Webmaster shows up the Chinese website instead of my website.

 

--

 

Kind Regards

 

Jonathon Roberts

 

Gems In The Country Crystals was founded by Jonathon Roberts in 2009, and has grown into a high-end mineral and geological collection with many unusual specimens. We hope you like our website: www.gemsinthecountrycrystals.cf, Please email any enquiries or contributions to our website to: info@gemsinthecountrycrystals.cf

[Krydos]

Are you talking about gemsinthecountrycrystals.cf or some other domain?

[jonathonrobertscrystals]

Hi, This is the website what I get when I load up my website:

 

[removed chinese spam advertising]

 

Yes, www.gemsinthecountrycrystals.cf

 

The Chinese Spam Advertising is what loads up when I scan my website with Google Webmaster, and also Bing Search, However, Google Search works fine and loads my website as normal.

 

Please could you have a look.

 

Thanks

Edited September 2, 2017 by Krydos
We don't want links to all of that junk on Helionet

[Krydos]

It looks like that domain is hosted with hostinger so you'd have to ask them.

[jonathonrobertscrystals]

Its not I have moved my website to your Nameservers.

Hi,

I have just checked my settings, and my domain nameservers point to: ns1.heliohost.org. and ns2.heliohost.org.

 

And when I check my domain with: dnscheck.pingdom.com it tells me that my domain nameservers are pointing to Heliohost servers.

 

Thanks

[Krydos]

Ah, I looked at the source of your wordpress install, and it looks like you got hacked. This is really common with wordpress. Check out index.php. See how it includes wp-admin/8? Then look at wp-admin/8 and it's full of spam. The most common reasons for wordpress to get hacked is outdated wordpress software, downloading plugins with backdoors, or installing themes with backdoors. We always recommned only installing themes and plugins from reputable sites. Most free themes and free plguins are just disguised malware.

 

You probably should wipe your entire wordpress install and start again with a fresh install. Or better yet don't use wordpress at all. Wordpress is hands down the easiest cms to hack and the most commonly targeted.

[wolstech]

That's very odd...It works when I Google it, but bing gives me the Chinese (actually Japanese) site. If I had to guess, there's two things that could cause this: the Freenom domain (likely) or Wordpress malware (less likely).

 

Our system can't cause what you're experiencing, so either your domain registrar (Freenom) or your software is doing it (Wordpress or an extension may be infected).

 

If you don't know, Freenom is known for hijacking the domains they offer and using them to serve dubious websites or malware (usually fake software updates or Microsoft support scams). They make their money this way since they give the domains away for free. Sometimes they'll cancel them for getting too much traffic (and serve the above junk) and try to extort money from you to get it back. I've lost 2 that way and our root admin Krydos has had similar experiences with Freenom. I'd suggest buying a real domain. We recommend namecheap. It's less than $10/year for it, and it won't be taken from you unless you don't renew it: https://www.namecheap.com/domains/registration/results.aspx?domain=gemsinthecountrycrystals.com&aff=102467

 

For Wordpress, it's infamous for getting malware. To rule this out, you can rename the index.php file for your Wordpress installation and clear your cache. Then see if the domain still redirects to that bogus website when visited through Bing. If you still get redirected, it's probably Freenom doing it. If you see a directory listing, your website is infected.

 

Edit: I took forever to type this. Wordpress malware it is. My point stands about Freenom though.

[Krydos]

I'd suggest buying a real domain. We recommend namecheap. It's less than $10/year for it, and it won't be taken from you unless you don't renew it: https://www.namecheap.com/domains/registration/results.aspx?domain=gemsinthecountrycrystals.com&aff=102467

Namecheap currently has .coms for $8.88, and some other domains as low as $0.48 per year.

 

Edit: I took forever to type this. Wordpress malware it is. My point stands about Freenom though.