WordPress.org

Ready to get started?Download WordPress

Forums

Blackhat SEO + 4 rogue files added (6 posts)

  1. MeowAttack
    Member
    Posted 1 year ago #

    Hi, I'm hoping someone can identify the hack my site is experiencing. I discovered it when I did a WooRank evaluation of my site and it showed cialis spam in the description. The one blog post I read describing the "Pharma hack" did not sound the same as my problem. I also used Sucuri and it found blachat seo javascript in more of my pages. Google has listed it in the search rankings as compromised. I believe this occurred in the last few weeks at some point, if not in the last week.

    An Exploit Scanner check found 4 added files with similar suspicious looking code, the files are:

    wp-admin/includes/class-wp-option.php
    wp-admin/admin-meta.php
    wp-includes/theme-compat/author.php
    wp-includes/class-locale.php

    Also most my files are permissions 604, and these files stood out as being 644. I'm still looking for more weird files and examining the Exploit Scan results, and about to look in my database for any added users. Sort of working my way thru the 'you've been hacked' guides, but would love if anyone could point me to specifics about this particular hack.

    Thanks!

  2. Pioneer Valley Web Design
    Member
    Posted 1 year ago #

    Nothing is fully secure...there have been multiple issues of late:

    http://codex.wordpress.org/Brute_Force_Attacks

    and

    http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html

    The first one was the user keeping admin as a UN and using a weak PW.

    The second one was obviously a 'flaw' (which according to some is still not really fixed) I have hence removed WP Super Cache from all sites (lost faith in W3TC long ago)...I am Testing Cloudflare at one site this month.

  3. Frederick Townes
    Member
    Posted 1 year ago #

    @Seacoast Web Design what can I do to restore your faith?

  4. Pioneer Valley Web Design
    Member
    Posted 1 year ago #

    Nothing personal, I have just learned that more plugins = more headaches...that none of the caching plugins work well with specific combinations of well used plugins (without a lot of work), and that by getting my host account bumped up a bit removed the need...

    I tested clouflare - pffftt - slowed site down! it's gone too!

    I also found that simple things like enabling gzip properly and using browsing caching properly do what I need for site performance...

    And other things such as using a simple menu, a basic home page, post pagination, etc...things built into WP that many do not do.

    http://gtmetrix.com/reports/seacoastwebservice.com/yeTwcgRZ

    http://gtmetrix.com/reports/swansonphotosonline.com/zkllzdQf

    Those sites are mine...top grades! no caching plugins!

    That all said, neither are getting a ton of hits...

    I'll tell you what - I will test W3TC again on a site I am just starting to build...I just procured a domain related to WP child themes :-) If it works well, it'll get written up as a success at my sites...

  5. Pioneer Valley Web Design
    Member
    Posted 1 year ago #

    And let's see:
    this is your site:
    http://gtmetrix.com/reports/www.fredericktownes.com/7olwKmUG
    and w3edge is:
    http://gtmetrix.com/reports/www.w3-edge.com/iQsDrOw3
    Yes?
    you:
    94-82=176
    90-72=166
    grand total = 342

    me:
    92-89=181
    93-83=176
    grand total = 357

    I win! :-)

  6. Frederick Townes
    Member
    Posted 1 year ago #

    @Seacoast Web Design, not really sure what you're trying to measure tbh.

Topic Closed

This topic has been closed to new replies.

About this Topic