How can a website recover from code injection especially the domain name?

ThN asked:

My website was recently hacked that apparently it came under code injection vulnerability not SQL injection. At least that’s what Google is telling me and even gave me a possible iframe codes. That was a shock to me for it never happened to my websites. I found out that I recently was testing upload php script on my webserver and forgot to delete it afterward. So, I knew how they got in. So, I went ahead and deteled everything and anything that I saw didn’t belong in the server including the upload php script. Plus, I saw some wierd stuff in the .htaccess file. Instead of checking the code, I completly deleted it from the server.

Anyways, I tried to do everything I can as people have suggested online. Still, the hack didn’t go away completely and it still isn’t. So, I decided enough is enough. I found another webhoster and moved my website there. I uploaded my backed up files not the files from the previous hosting server for my website. Repointed my domain name to my new webhosters server by changing my nameservers. Well, after doing all that I thought I was home free. It turns out I am not out of the woods. To my surprise, my website still considered to be harmful and dangerous. I visited my website by entering mywebsite.com into the browswer and it was clean.

However, when I entered www.mywebsite.com, the browswer came back and said my website is considered to be hacked and reporting it as attack site, but when I clicked on “ignore this warning” it took me to my the new webserver. I was dumbfounded. I thought the domain name was pointing at my old webserver, but it was not.

How is it possible for something like that to happen especially when I am on a new server and uninfected files?

I am starting to run out of options and getting frustrated over this. I am loosing regular visitors. Please, help….I just want to get my domain back.

if anyone interested, my website domain is:

goody-games.com is clean.

www.goody-games.com is reported an attack site.

PS: I have already scanned my website through sites like Sucuri.com and they all say my website is clean, but I am still not sure.

What can I do at this time? Any help will be greatly appreciated.

My answer:


goody-games.com and www.goody-games.com return identical content for the home page.

If you’re sure all the malicious code is cleaned out, you can resubmit your site to Google for testing through Webmaster Tools.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.