Forums

WordPress › Support » How-To and Troubleshooting

WP Hacked- Need help (6 posts)

  1. Ggekko
    Member
    Posted 3 weeks ago #

    My wordpress installation have been hacked.

    Someone have inserted spam links before the <head> tag. The links does not show up in the source code of the pages. Only in the google cache and in the source code of the google cache. Can anyone point me in the right direction on where to remove these links.

    I Know i really should have updated tha installation a long time ago and will be doing so today. I do however still need to find and fix this problem.

  2. alism
    Member
    Posted 3 weeks ago #

    Couple of links to get you started then...
    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/

    Plenty of information on these forums though, so search away and you'll find most answers you'll need quite quickly.

  3. Ggekko
    Member
    Posted 3 weeks ago #

    Thanks. I have searched these forums a lot. I also read the smackdown page put nothing I can find seems to apply to this situation, especially since the links are only visable in google and not in the source code of the pages themselves. It is almost as if it would allready have been cleaned up but I havent done that soo...

  4. iridiax
    Member
    Posted 3 weeks ago #

    the links are only visable in google and not in the source code of the pages themselves.

    There are tricky hacks that only show for Google or other search engines and hacks that only show depending on the referrer. Be sure to check your .htaccess (if you have one).

  5. Ggekko
    Member
    Posted 3 weeks ago #

    yes it seems to be an hack that use cloaking to only show in google.

    I have checked my htaccess file but can not see anything wrong in it. CAn you.

    # BEGIN WPSuperCache
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /news/
AddDefaultCharset UTF-8
RewriteCond %{REQUEST_METHOD} !=POST
RewriteCond %{QUERY_STRING} !.*=.*
RewriteCond %{HTTP:Cookie} !^.*(comment_author_|wordpress|wp-postpass_).*$
RewriteCond %{HTTP:Accept-Encoding} gzip
RewriteCond %{DOCUMENT_ROOT}/news/wp-content/cache/supercache/%{HTTP_HOST}/news/$1/index.html.gz -f
RewriteRule ^(.*) /news/wp-content/cache/supercache/%{HTTP_HOST}/news/$1/index.html.gz [L]

RewriteCond %{REQUEST_METHOD} !=POST
RewriteCond %{QUERY_STRING} !.*=.*
RewriteCond %{HTTP:Cookie} !^.*(comment_author_|wordpress|wp-postpass_).*$
RewriteCond %{DOCUMENT_ROOT}/news/wp-content/cache/supercache/%{HTTP_HOST}/news/$1/index.html -f
RewriteRule ^(.*) /news/wp-content/cache/supercache/%{HTTP_HOST}/news/$1/index.html [L]
</IfModule>
# END WPSuperCache
<IfModule mod_rewrite.c>
# BEGIN WordPress
RewriteEngine On
RewriteBase /news/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /news/index.php [L]
# END WordPress
</IfModule>

  6. alism
    Member
    Posted 3 weeks ago #

    Have you actually done any of the steps in the Smackdown link..?

Reply

You must log in to post.

About this Topic

Tags