WordPress.org

Ready to get started?Download WordPress

Forums

Hacked? Huge link farm added to footer (11 posts)

  1. tommysollen
    Member
    Posted 5 years ago #

    A huge link farm keeps getting added to my blog, more specifically to the footer.php.

    This has resulted in an exclusion by Google.

    I keep removing it but it always comes back again. How is this happening and how can I make it stop?!

    Theme is Green Marinée 1.0
    Active plugins are
    Akismet 1.15
    flickrRSS 3.1.2
    SimpleTags 2.0
    WPvideo 1.10
    Wordpress database backup 1.7

    The spam link farm that's added is huge but here are a few lines from it.

    <!-- ~ --><u style="display:none"> <a href="http://comune.adelfia.bari.it/dev/dev.php?11065">feedster on viagra</a> <a href="http://comune.adelfia.bari.it/dev/dev.php?24199">diazepam belgrade 1999</a>

  2. umair
    Member
    Posted 5 years ago #

    your website?

  3. tommysollen
    Member
    Posted 5 years ago #

    URL is http://vdblogg.visitsweden.com/

    The spam is there right now (bottom of source code). If I would remove it it would come back within hours.

  4. dhadbawnik
    Member
    Posted 5 years ago #

    i've had a similar problem, except in my case the most recent post is taken down and a huge set of code is plugged in to the bottom of it. i have to go back to the edit mode, remove the code, and re-post it, only to have it taken down in a few hours with more code in there. any help with this would be greatly appreciated!

    my site is

    http://www.habenichtpress.com/index.php

    and here is some of the code

    </p><u style=display:none>Order Naprosyn
    Purchase Pilex
    Buy Lanoxin
    Didrex
    Purchase Zyban
    Cheap Penisole

  5. iridiax
    Member
    Posted 5 years ago #

    Please, can anyone shed some light on this problem?

    You are using an outdated version of WordPress that's vulnerable to hacking.

    http://wordpress.org/search/hacked?forums=1

  6. lfreberg
    Member
    Posted 5 years ago #

    We are using a 2.6 version of WordPress...updated last summer just to avoid this very same problem, and now the hackers have found a way to get to the footer in these newer versions as well. The blog that was hacked doesn't even allow people to register to comment :( It's an arms race, folks....we use rex swain's http viewer daily to check for these. I recommend you do the same.

  7. mrkingid
    Member
    Posted 5 years ago #

    Current version is 2.6.5. The reason for these updates is to close vulnerabilities like you are experiencing. You need to update every time a new version comes out to avoid hacking.

  8. lfreberg
    Member
    Posted 5 years ago #

    Updating WordPress for the three blogs I maintain is a huge investment in time, and then we get hacked anyway. I'll do it, if it solves this hack, but otherwise it's actually faster to use Rex Swain and upload a fresh footer whenever we're hacked. It sure would be nice if WP could make the upgrade bit easier...hint hint hint :)

  9. websynn
    Member
    Posted 4 years ago #

    I have 2.8.2 and have the same problem... can't figure out how they are doing it...

  10. whooami
    Member
    Posted 4 years ago #

    websynn,

    I have 2.8.2 and have the same problem... can't figure out how they are doing it...

    they keep doing it because youre running an exploitable version of wordpress, and, secondly, you havent closed the holes that have been created.

  11. Samuel Wood (Otto)
    Tech Ninja
    Posted 4 years ago #

    When a site gets hacked, usually they leave themselves a backdoor. This is a way back in, even if you upgrade to the latest version. You need to find the backdoor and examine server logs to determine how they got in in the first place.

    If you're using shared server hosting, then it's quite likely that they didn't get in via WordPress.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.