Malware on website - SSL problem?

Some malware got into our nonprofit’s website. Users are being redirecting to https://cuuustomdirections.tw which is trying to get users to agree to installing malware. Would this have anything to do with my Cloudflare SSL? I only have one rule installed which is to force https. Thanks for any help, we are a small not for profit with no staff lol

1 Like

No, that’s not related to Cloudflare at all but will be an issue on your server. You need to talk to your host about that.

1 Like

Thank you so much. Do you think I should install any other rules to ensure site safety?

That fully depends on your site and what you want to cover. For now you should make sure whatever issue you have on your server is fixed. What’s your domain?

1 Like

ojibwehorse.ca

1 Like

Redirects me to blackwateeragain.tw. Your site does appear as if it was compromised and that should be definitely the first thing to fix.

2 Likes

Thank you, I see it is redirecting to different sites. I’ll try backing up to a previous version.

It appears as if you had fixed the issue, though - assuming your server IP address ends in 80 - you would not have any valid SSL setup on your server, which means your site is still insecure and transfers everything in an unencrypted fashion over the Internet.

You should fix that and get a proper certificate on your server. The search here will have a lot more details on that (Origin certificates).

1 Like

I think I did it right - could you kindly check? Much appreciated!!

Yep, you do have an Origin certificate in place now. Change your encryption mode to Full strict now. Once that works your site’s connection should be properly secure.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.