Can hosting insert malicious code in your sites?

[matrigaldo]

Hello.
I've been using a business hosting plan on one company not very known, but well good bandwidth and space at not expensive price.
Now there are lot of better hosting offers on reputable companies but when i needed this kind of hosting, i've found few and this one was the cheapest.
I host several websites there.
My question is: is possible the hosting insert malicious (advertising) codes to load together to the websites hosted?
For example remember during early 2000s when lot of hosting companies used to provide free hosting only if you allowed them to put a little topframe full of their ads?

I receive complaints about two of my websites. One of them has been started few days ago, and a NP user told me he received warnings about viruses and popups, but i'm just using two clicksor banners and the inline ad.
I can't believe clicksor allows malicious codes to their advertisers...

I have this suspect because i've tried to remove ALL the ads from the other website but warnings and popup kept loading the same.. i thought it would be a cache problem, but i'm not sure anymore.

Hope in your help.

 

[HappyDay]

Sounds like you are hacked.Are you up-to-date with your software ?
Did you checked your server for unknown files ?
Without your url its quite hard to say anything if its a false alarm or whatever.

 

[matrigaldo]

My url is in my signature The filesharing site.

No i don't think i got hacked, even because i don't see any file edited in different time than my last editing.
Just checked all the files, not hacked, at least not in my files.

 

[matrigaldo]

My hosting doesn't seem hacked, all the codes inside my files are good.
However, visiting one of my websites, 2 NP users of 4 have been received lot of ads and then redirected to another site with fake antivirus warnings and repeating trying to download files. Others 2 find the site clean and nice, with no bad code loading.

Now the questions are two:
1) Does hosting company insert hidden code in each account that loads automatically with every page (or maybe just the indexes)? Is it physically possible?

or

2)Does a reputable ad network like Clicksor allow and insert malicious code from their advertisers, causing often redirects, popups and warnings? Anyway that's strange, i've visited tons of websites with Clicksor banners, interstitials and also popunders but never had a warning or a redirect.

Using NoScript Firefox Addon on a US computer, i see 3 "strangers" codes, two from clicksor and one from smileadv dot net but i suppose it's part of the banner (since it is about smilies etc..) .
However the site SHOULDN'T LOAD ANY AD because i've REMOVED them. Maybe they're cached?

 

[Keral_Patel]

My url is in my signature The filesharing site.

I think answer lies in your question itself.

It is a file sharing site and anyone can upload files. So :D

 

[SiberForum]

I suppose that this case should be investigated and you ought to understand what was the reason of that as that could be because of some script holes and you might have the same issue even with most trusted web hosting provider

 

[matrigaldo]

I suppose that this case should be investigated and you ought to understand what was the reason of that as that could be because of some script holes and you might have the same issue even with most trusted web hosting provider

Oh have you found some holes in my script?
(eventually, can you PM me?)

With no Clicksor ads the site SEEMS to be fine.
I can't believe Clicksor network insert malicious code inside their ads.....

 

[matrigaldo]

Looking for some other help..

 

[CrazyTech]

You've got to watch the adverts; we had something similar happen to a client with another ad service. It turned out that they were serving ads that were viewed as malicious software, basically the same situation we have here. If they're not showing with that code removed, then I think you have your answer.

 

[rumsfo]

Maybe simple change web hosting service provider? Have you thought about that as about another way to go?

 

[~ServerPoint~]

I agree. You can try to solve that in help with your web hosting provider or just chane web hosting service if they are not able to help you on it

 

[Clicksor_CS]

Hello.
I've been using a business hosting plan on one company not very known, but well good bandwidth and space at not expensive price.
Now there are lot of better hosting offers on reputable companies but when i needed this kind of hosting, i've found few and this one was the cheapest.
I host several websites there.
My question is: is possible the hosting insert malicious (advertising) codes to load together to the websites hosted?
For example remember during early 2000s when lot of hosting companies used to provide free hosting only if you allowed them to put a little topframe full of their ads?

I receive complaints about two of my websites. One of them has been started few days ago, and a NP user told me he received warnings about viruses and popups, but i'm just using two clicksor banners and the inline ad.
I can't believe clicksor allows malicious codes to their advertisers...

I have this suspect because i've tried to remove ALL the ads from the other website but warnings and popup kept loading the same.. i thought it would be a cache problem, but i'm not sure anymore.

Hope in your help.

Clicksor takes the integrity of our Publisher sites very seriously and we are always working to ensure the safety of all users that see our advertisements through our network.

This may be due to a violation on our advertisers' side. We would like to resolve this problem immediately. It would be much appreciate if you can provide your publisher account ID, Ad URL and IPs with which the ad is viewed. So that we can directly locate the violated ad and take proper action to the campaign.

Please kindly PM us with the information.

Thank you for your collaboration!

 

[matrigaldo]

PM sent, thank you for your help.

 

[SiberForum]

matrigaldo to have a look I need to have access to the source code. And that was only my guess about holes in the script

 

[finehost.in]

If you view the source code - you can easily figure out if code has been added by your webhosting provider or not. It is possible to get mal. ads to cause similar instances and I am sure clicksor can help you track and rectify this issue!!

 

[matrigaldo]

Yes, i've checked all the source code and i've no discovered any other codes. I'm not an expert of this kind of things, but isn't possible a webhosting insert some scripts not in the source but.. well, i'm always thinking about old free hosting plans, where you could put your sites etc but you had them with popups powered by the webhost.
Can't be something similar?