WordPress.org

Ready to get started?Download WordPress

Forums

My WordPress is hacked (4 posts)

  1. paulolyslager
    Member
    Posted 3 years ago #

    Hi all,

    as the title already suggested my website (www.paulolyslager.com) has been hacked. First I found out that my google adsense was giving me all kinds of weird ads about viagra, xanax, valium, ... Secondly, through Google's webmaster Tools I found out that Viagra was actually the first keyword on some of my pages. As I couldn't see anything in my source code, I dived in a bit deeper with Google's "Fetch as Googlebot" and I found loads of links in there...

    Then I found all kinds of folders in my root folder with some textfiles, files without extension and two php files, which shouldn't be there, so I kicked those all out.

    I also kicked out a info.php in my themes folder (which was never there), which only consisted of:

    <?php
    php_info();
    ?>

    I also deactivated my plugins one by one, everytime updating the report of Googlebot, without any change in it.

    I'm afraid that my website is too infected that I will have to start all over again from a fresh wordpress install, but that is something I wouldn't like to do as I am not the biggest technician and it was already a miracle for me to get this far.

    Is there anyone who has experience with this kind of attack?

    Cheers,

    Paul Olyslager

  2. esmi
    Forum Moderator
    Posted 3 years ago #

  3. paulolyslager
    Member
    Posted 3 years ago #

    Thank you! Still working on it.... but no one on the wordpress blog had a similar problem?

  4. Roy
    Member
    Posted 3 years ago #

    Paul, that the hacker used a flawed plugin you use or even a flawed website on the same server (on a shared server you're as safe as you neighbours make their websites), doesn't solve the problem by just deactivating the plugin (in the first example). Follow Esmi's links, clean up your WP (don't just patch), read that Codex article called "hardening wordpress" when your site is clean, make sure you only use plugins without security issues and hope that it's not a problem with your host.
    Good luck...

Topic Closed

This topic has been closed to new replies.

About this Topic