Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Site recently hacked, now FF won't display css style - other browsers will

  • 6 replies
  • 2 have this problem
  • 14 views
  • Last reply by thunt

more options

So my site beaq.org.au was recently hacked - a phishing attack. A .php file was uploaded to the css directory it seems. My host promptly removed the css directory, and I replaced it with a backed up css directory. Problem solved! (or so I would have hoped)...

This did solve the problem in all browsers I have tested in - except Firefox. The site looks as it should in safari, IE, chrome etc. CSS style is used, but FF won't use it. I believe this is a result of the site being reported as an attack site...for example, if I choose preferences > security and then uncheck "Block reported web forgeries", then reload the page - it loads as it should.

I have requested removal from the forgery list here: http://www.google.com/safebrowsing/report_error/?tpl=mozilla

And the site is not listed as containing malware in Google Webmaster tools. So nothing to do there.

Is it simply a matter of waiting till firefox recognises the site as not being a web forgery or containing malware? Is there something else that can be done to resolve problem? Or is there something that could be done to expedite the removal from FF's list of phishing / attack sites?

It's been over a week already and still waiting. Not a good look having a website that is completely messed up. Thanks for your help in advance!

So my site beaq.org.au was recently hacked - a phishing attack. A .php file was uploaded to the css directory it seems. My host promptly removed the css directory, and I replaced it with a backed up css directory. Problem solved! (or so I would have hoped)... This did solve the problem in all browsers I have tested in - except Firefox. The site looks as it should in safari, IE, chrome etc. CSS style is used, but FF won't use it. I believe this is a result of the site being reported as an attack site...for example, if I choose preferences > security and then uncheck "Block reported web forgeries", then reload the page - it loads as it should. I have requested removal from the forgery list here: http://www.google.com/safebrowsing/report_error/?tpl=mozilla And the site is not listed as containing malware in Google Webmaster tools. So nothing to do there. Is it simply a matter of waiting till firefox recognises the site as not being a web forgery or containing malware? Is there something else that can be done to resolve problem? Or is there something that could be done to expedite the removal from FF's list of phishing / attack sites? It's been over a week already and still waiting. Not a good look having a website that is completely messed up. Thanks for your help in advance!

Modified by thunt

All Replies (6)

more options

Reload web page(s) and bypass the cache.

  • Press and hold Shift and left-click the Reload button.
  • Press "Ctrl + F5" or press "Ctrl + Shift + R" (Windows,Linux)
  • Press "Cmd + Shift + R" (MAC)
more options

Thanks for that...tried that (i'm on a mac - "Cmd + Shift + R"), but no luck. Still firefox does not use the css styling. Any other ideas? PS, I am assuming that if you access that url (beaq.org.au) you have the same issue? - ie that the css is not working (if you use firefox 3 / 4)?

more options

I hadn't checked that link, but I can confirm that the CSS file isn't loaded because of a block via the phishing protection.

Google Chrome doesn't even open the main page and immediately shows the phishing warning page.

Warning: Suspected phishing site!
The website at www.beaq.org.au has been reported as a “phishing” site. Phishing sites trick users into disclosing personal or financial information, often by pretending to represent trusted institutions, such as banks.
more options

weird Chrome was previously loading it fine. Maybe it only just caught up?

Any ideas on how long this stuff takes to clear up after malware is removed and request for a review is made? Its been like this for over a week...

more options

I've tried in another profile to delete the file urlclassifier3.sqlite and let Firefox rebuild it and that still gives an error after that has been done, so the site is still flagged in the Google database.

more options

Thanks...

Cor-el, do you (or anyone else that sees this post) have any idea how long it takes for for firefox to remove sites from the"bad" list? The malware on my site was removed weeks ago now, I have submitted review requests, and still in firefox 4 my site continues to display incorrectly.

Any ideas how long this might take to clear up? Thanks,