1. No ad-hominem
2. No spamming or shilling
This is a problem with cookies. I've set the cookies so you have to accept them. Try deleting cookies.
There is an issue with older version of Apple Safari browsers. This is cured by upgrading if you can.
'Forbidden website - no access via our servers.'
Pi: Allo DigiOne Signature/Volumio/Tomanek LPSU/Jitterbug
DAC: Metrum Acoustics Musette CD Transport: Cambridge CXC
Headphones: AudioQuest NightHawk Carbon Amp: Schiit Magni-3
DAC: Musical Fidelity M1DAC Digital i/c: Profigold Oxypure OCC
Unfortunately, malicious activity has been detected on your hifisubjectivist.org account. Such activity can harm the site's visitors, as well as its reputation on search engines and the reputation of the server with email providers. As such, this is seen a breach of our acceptable usage policy and has left us with no choice but to temporarily disable part or all of the account.
Although it is an undesirable outcome, disabling the account is the best way for us to limit the harm malicious content or activity can cause to the website, its visitors and other Tsohost customers until the cause of the issue has been identified and resolved.
If you are unable to access your email
If this is the case, it is likely that your email address has been compromised and we have changed the password here and/or placed a block on the mailbox. It is important that you scan your PC or any devices accessing your email addresses for viruses before proceeding.
Once you are confident that your PC and/or devices are virus-free you can change the password for the email account in question from your hosting control panel.
For security purposes the password must be different from the original, be at least 8 characters long and should contain a mixture of lower and upper case letters, numbers and unusual characters.
If your website is offline
If the website is showing an error instead of displaying its content then this will be due to malicious content or behaviour originating from its files, so we have had to take it offline until the issue has been resolved.
How has this happened?
Often this is caused by a vulnerability somewhere in your website's code which has allowed an attacker to inject malicious scripts into your website. Normally this is possible via exploitable vulnerabilities in out-of-date software in your site's application such as plugins or themes which you have installed. It is also possible due to poor security practices in custom-written website code, or insecure passwords for your email, ftp or hosting accounts or the website's admin areas.
There are various steps you can take to increase the security of your website and help prevent this from happening again in the future. Some of these include:
Keep up-to-date with the latest software versions on your website
This includes content management systems and applications such as Wordpress, Joomla! and Prestashop; pro-actively update both the core software, and all plugins & themes that are installed. Depending on your application, there may be additional security plugins you can install to help you keep on top of updates. It is also good practice to delete any themes or plugins which are not being used, as even an inactive plugin could act as an entry point to the rest of your website.
Use secure administrative passwords
Your website could be compromised if an attacker knows or can guess a password to any one of your hosting account, email, FTP accounts, or the site's admin areas. It's a good idea for these to be at least 8 characters long and contain a mixture of lower and upper case letters, numbers and unusual characters.
Regularly scan your PC and other devices for malware
No matter how secure your website is, malware on any device you use to access administrative accounts for your website or email, could lead to an attacker gaining a critical password for your site and lead to it being compromised.
What to do next
When a website is compromised in this way, additional 'backdoors' could be injected and hidden amongst the site's normal code to allow an attacker to compromise it again in the future. It is therefore important that every trace of malicious code is identified and removed before the site can be brought back online.
Cleaning up compromised websites is unfortunately not a service we are able to provide, so if you are unsure of how to proceed with doing so we would recommend you contact a specialist web developer for advice and assistance.
We are able to allow restricted access to the site for you or your developers if this is something that you require. When you are certain the website is rid of any malicious code or content, please contact us and ask for the site to be reviewed. It would help for you to demonstrate steps which have been taken to secure the website and your account.
If we believe the site is clean and no longer poses a risk, we will make it publicly accessible again.
Your tsoHost Team
I had a similar problem with a phpBB site I was administering some years ago and ended up manually deleting the injected code, line by line, page by page, and then kicking the culprit up the backside.
Speakers - Monitor Audio Silver RX2
Cables - NVA LS1+LS3, SSC, Gotham S/PDIF, IBRA Optical
Digital - NAD C516BEE, SONY ST-SDB900 DAB TUNER, TEAC UD-H01 DAC
Analogue - Pro-Ject Debut Carbon Esprit SB, Graham Slee Gram Amp 2 Phono
Cans - Grado SR80, ATH-M50X
Well done Terry.