  1. #1
    SitePoint Member

    help, someone hacked? my wordpress

    Somehow, in the Google results for my site, underneath the main link in the meta description section, someone added a bunch of crap about payday loans. When I view source on the affected pages this does not appear.

    What happened and how can I clear it?

  2. #2
    SitePoint Wizard gate2vn's Avatar
    I see that happen multiple times. The reason could be:
    - an outdated WordPress installation and/or plugin or theme
    - an unsecured plugin or theme

    You will need to check everything again, including files, folders and database too.

  3. #3
    SitePoint Member
    Will upgrades of WordPress and all plugins fix this or do I need to do a fresh install?

  4. #4
    SitePoint Enthusiast
    Originally posted by djc225:
    Will upgrades of WordPress and all plugins fix this or do I need to do a fresh install?
    If you install Wordfence, you may be able to get away with just using that to disinfect. But I'd also get my site scanned if I was you, by something like cxs.

    The ideal thing would be if you had a backup to restore, then you could install Wordfence and use Better WP Security to harden your site. Just saying

  5. #5
    SitePoint Member
    Also just thought that I should point out that even though this is a domain that I've had for a while there really isn't any content on it that I care about. Was planning to start with a new fresh theme and content anyway. Should I just delete everything and do a fresh install? Will that even solve the problem?

  6. #6
    SitePoint Zealot WebEminence's Avatar
    In that case, it would be easier to just delete everything and start over with a fresh Wordpress install. That will get rid of the problem. If it was me though, I'd be curious to find out what the cause was so I'd spend some time doing some of the things suggested above.

  7. #7
    SitePoint Wizard gate2vn's Avatar
    Originally posted by WebEminence:
    If it was me though, I'd be curious to find out what the cause was so I'd spend some time doing some of the things suggested above.
    This is good advice, so you can avoid trouble in the future.

  8. #8
    Non-Member
    Originally posted by WebEminence:
    In that case, it would be easier to just delete everything and start over with a fresh Wordpress install. That will get rid of the problem. If it was me though, I'd be curious to find out what the cause was so I'd spend some time doing some of the things suggested above.
    I disagree. Upgrading the software should fix the issue. If you delete everything and install Wordpress, it will give you the same result.
    If anything, you are going through more steps and work for the same end result.

  9. #9
    Community Advisor silver trophy

    Upgrading WordPress won't fix a theme or plugin that has a vulnerability, or remove malware or additional files uploaded or altered outside of core files, or remove injected content in the database.

  10. #10
    SitePoint Zealot
    Hello,
    I'd suggest you install some security plugins, and most important - make sure all your software is up to date.

  11. #11
    SitePoint Enthusiast
    My WordPress site was hacked several months ago. Hackers changed my login details; I managed to access wp admin after certain changes in the database. After that I installed the WP Better Security plugin and it solved the problem. This plugin is really great.

  12. #12
    SitePoint Evangelist jonbey's Avatar
    I have now been using Wordpress for years. Only hacked once and that was caused by a rogue plugin.

    My tips:

    Do not use "admin" for the name of your admin account.
    Ideally use htaccess to whitelist your IP address for /wp-admin (I do this for my most important sites and the logs do report a lot of people failing to brute force their way in).
    Install Secure Wordpress and Wordpress Firewall plugins
    Use a trusted theme - many old themes may look nice but the vulnerabilities are rarely patched
    Ideally lock down your FTP - I use Cpanel and my host added the feature where you whitelist your IP for FTP access (you can give global access for a limited time too).

    I have experienced two hacks: one was a trojan/virus on a PC which sniffed FTP details and then simply uploaded its own files. The other was an image upload plugin for WordPress which has a vulnerability.

    Oh yeah, and backup often. Ideally automated backups to a non-public folder and download them too.

  13. #13
    SitePoint Zealot
    Backups are essential... As well as keeping track of your htaccess file...

  14. #14
    Avid Logophile silver trophy
    ParkinT's Avatar
    Originally posted by jonbey:
    I have now been using Wordpress for years. Only hacked once and that was caused by a rogue plugin.

    My tips:

    Do not use "admin" for the name of your admin account.
    Ideally use htaccess to whitelist your IP address for /wp-admin (I do this for my most important sites and the logs do report a lot of people failing to brute force their way in).
    Install Secure Wordpress and Wordpress Firewall plugins
    Use a trusted theme - many old themes may look nice but the vulnerabilities are rarely patched
    Ideally lock down your FTP - I use Cpanel and my host added the feature where you whitelist your IP for FTP access (you can give global access for a limited time too).

    I have experienced two hacks: one was a trojan/virus on a PC which sniffed FTP details and then simply uploaded its own files. The other was an image upload plugin for WordPress which has a vulnerability.

    Oh yeah, and backup often. Ideally automated backups to a non-public folder and download them too.
    This is great advice, @jonbey. I would add/modify the suggestion on FTP and recommend either SFTP or (even better) SSH access.

    Can you provide a solid example (for the uninitiated) of the details required in the .htaccess file?
    Also, where/how to locate this hidden file on most systems.

    That would make this thread a valuable resource for many members who use Wordpress but are not highly technical.
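
Added example (not part of any member's post) answering the request in post #14 for the .htaccess details behind jonbey's IP-whitelisting tip. The address 203.0.113.10 is a placeholder for your own IP, and the host is assumed to run Apache with .htaccess overrides enabled; the first part is a new file at wp-admin/.htaccess, the second is added to the existing .htaccess in the WordPress root.

```apache
# ---- File 1: wp-admin/.htaccess (new file) ----
# Only the listed address may reach the dashboard.
# 203.0.113.10 is a placeholder: replace it with your own public IP.
<IfModule mod_authz_core.c>
    # Apache 2.4 and later
    Require ip 203.0.113.10
</IfModule>
<IfModule !mod_authz_core.c>
    # Apache 2.2
    Order deny,allow
    Deny from all
    Allow from 203.0.113.10
</IfModule>

# Some plugins and themes call admin-ajax.php on behalf of ordinary
# visitors, so that one file stays reachable from anywhere.
<Files "admin-ajax.php">
    <IfModule mod_authz_core.c>
        Require all granted
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Allow from all
    </IfModule>
</Files>

# ---- File 2: .htaccess in the WordPress root (existing file) ----
# wp-login.php lives in the root, not in wp-admin, so the login form
# needs its own rule. Put this OUTSIDE the "# BEGIN WordPress" /
# "# END WordPress" markers, because WordPress rewrites what is between them.
<Files "wp-login.php">
    <IfModule mod_authz_core.c>
        Require ip 203.0.113.10
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order deny,allow
        Deny from all
        Allow from 203.0.113.10
    </IfModule>
</Files>
```

.htaccess is a dotfile, so it is hidden by default: list it with `ls -a` over SSH, or turn on the show-hidden-files option in your FTP client or control-panel file manager. If your ISP changes your address, you will get a 403 on the dashboard until you update the IP in both files.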

  15. #15
    Non-Member
    The biggest culprit is always using outdated software. So many times I see people use the last generation software without updating, which results in loopholes for exploits. I don't know why so many people fail to update when it is free.

  16. #16
    SitePoint Member hostripples's Avatar
    Originally posted by djc225:
    Somehow, in the Google results for my site, underneath the main link in the meta description section, someone added a bunch of crap about payday loans. When I view source on the affected pages this does not appear.

    What happened and how can I clear it?
    It may be the comments in which spamming is going on. You should have an option that comments should be approved by admin, and also keep your WordPress up to date, as many bugs have been released and WordPress is always trying to patch them with the latest version or patch release.

  17. #17
    SitePoint Member BlabBen's Avatar
    A similar thing happened to me with Joomla and this might help you. Basically spammers were registering and posting ridiculous posts in certain parts of my websites although I had no register form. Basically I had to switch off the login functionality.

    I suggest updating to the latest WordPress version and removing any dodgy plug-ins that are outdated. If you do not allow users to register, make sure the register functionality is disabled. Also check your database size; mine had gone up from 4 MB to 105 MB, then I just removed the posts done by the spam user and it went back down.

    Hope you solve the issue.

