WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] Private site hacked links to spam (4 posts)

  1. rjvv
    Member
    Posted 1 year ago #

    Hi,

    I've been reading through lots of threads about hacked wordpress sites, but none of them is exactly like my case. This is my situation:

    I have a WordPress 3.5.1 with "Woocommerce" and "Registered users only" plugins installed. It has the " Discourage search engines from indexing this site" enabled so it doesn't appear on Google or other search engines, so it shouldn't be SEO/Spam attractive. It is a client-only reservated area.

    Everything works right but sporadically when you hit a link it redirects you to a Spam Ad, in the same window, so clients would have to go back in the browser to keep on shopping.

    I have erased all the wordpress installation, reinstalled it, and I'm reinstalling all plugins again with no result. I have also changed all the admin and FTP passwords... And I can't find any strange file where could be the hack.

    Any suggestions or some help link?

    Thank you in advance,

  2. Everything works right but sporadically when you hit a link it redirects you to a Spam Ad

    Have you deactivated all of your plugins, switched your theme to Twenty Eleven or Twenty Twelve and obtained new copies of everything from verifiable sources? It could be that one of your plugins or perhaps your theme is messing with you. That's not exactly a hack but something you want to get to the bottom of.

    Also posting a link to your site never hurts.

    I've been reading through lots of threads about hacked wordpress sites, but none of them is exactly like my case.

    That may be true but all of them involve either being exploited by a weakness in your WordPress setup (usually fixable by yourself) or a weakness in your server setup (in which case it seeking a new host may be in order).

    Either way you need to start working your way through these resources:
    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/

    Additional Resources:
    http://sitecheck.sucuri.net/scanner/
    http://www.unmaskparasites.com/
    http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
    http://codex.wordpress.org/Hardening_WordPress
    http://www.studiopress.com/tips/wordpress-site-security.htm

  3. rjvv
    Member
    Posted 1 year ago #

    Have you deactivated all of your plugins, switched your theme to Twenty Eleven or Twenty Twelve and obtained new copies of everything from verifiable sources? It could be that one of your plugins or perhaps your theme is messing with you. That's not exactly a hack but something you want to get to the bottom of.

    Also posting a link to your site never hurts.

    I'm on that process right now.
    You are right, you can have a look here: http://clientes.silenole.com with test / test
    Just clic and clic and it will come up.

    or a weakness in your server setup (in which case it seeking a new host may be in order).

    I know, but it's myt client hosting and they don't want to change it but it is always giving problems.

    I will read all those helpful links, even most of them are already visited heheh

    Thank you so much!

  4. rjvv
    Member
    Posted 1 year ago #

    Switching the theme to Twenty Twelve did the work. Still don't understand what was on my other theme folder tho...
    Thank you.

Topic Closed

This topic has been closed to new replies.

About this Topic