Added cdn-cgi script on my page

betty · November 6, 2018, 5:40pm

Just yesterday I noticed my web site pages had a code added. I thought perhaps my site had been hacked,

so I looked at my files and found infected .php files that someone upload on my ftp.

I removed the malicious .php file.

Unfortunately could not look what was in the php file because my antivirus software prevented it: message (PhpSpy.A Trojan)

But still now i get an malicious (popup) that these files caused before.i dont get rit of it!

List of javascripts included

/cdn-cgi/scripts/cf.challenge.js

/cdn-cgi/scripts/cf.common.js

/cdn-cgi/scripts/zepto.min.js

List of iframes included

If i deactivate Cloudflare cdn the codes will not be executed, only via active Cloudflare cdn.

Im using vbulletin 4.2.0 and php version 5.3.29

Urgently need help. Thanks!

sandro · November 6, 2018, 5:42pm

Can you post the URL where you found these links? I’d expect these files to be included only when the challenge is displayed.

system · December 6, 2018, 5:40pm

This topic was automatically closed after 30 days. New replies are no longer allowed.

Topic		Replies	Views
How to remove cdn-cgi script from HTML Security	5	7602	July 12, 2020
Potentially Suspicious File /cdn-cgi Security	7	1380	May 26, 2023
Unwanted api.js showing from cloudflare API	10	9970	August 10, 2021
Unknown Javascript file is downloading alongside my domains! Security	3	2229	May 16, 2021
We can't identify and disable /cdn-cgi/apps/head/7JYB8YgWmjg9e1CQkL6pkbEcx-0.js Getting Started	1	711	September 21, 2023