WordPress.org

Ready to get started?Download WordPress

Forums

Viagra being promoted on wordpress.org (3 posts)

  1. razaj
    Member
    Posted 3 years ago #

    I just ran a simply search on wordpress.org for the keyword "viagra" and the result turned up over 360 results, many of them blatant viagra ads.

    http://wordpress.org/search/viagra

    Is anyone taking notice, and more importantly, how to deal with the so-called "pharma-hack" that injects viagra and other pharmaceutical content in wordpress powered websites?

    I have already read the peasronified blog and followed his advice for removing the files and db entries but as mentioned in that blog as well, even he does not know why it happened and how to make sure it does not happen again.

    Considering its widespread incidence, I doubt it has anything to do with the hosting provider. I am on rackspace. Another infected site mentioned in another post is on dreamhost. Although http://blog.sucuri.net/2010/07/understanding-and-cleaning-the-pharma-hack-on-wordpress.html is more comprehensive than peasonified's article but the fundamental question of a comprehensive solution aimed at preventing this from happening again remains to be seem.

  2. James
    Happiness Engineer
    Posted 3 years ago #

    The two are unrelated.

    What you're seeing here is simple spam. The Codex is powered by Mediawiki (not WordPress) and it's user-editable. Anyone can sign up for an account and post whatever they want to. The volunteers do their best to clean up the spam, but they can't catch everything. Please feel free to delete any spam that you find. Just use your support forum login.

    As for the actual hack, please refer to this guide:

    http://codex.wordpress.org/FAQ_My_site_was_hacked

    When you're done, try some (if not all) of the recommended security measures. Then, make sure that you have set the permissions of all files to 644 and directories to 755.

    Unfortunately, nothing can really help if you're on an insecure shared server. Under the (unfortunately) common setup, the attacker only needs to compromise one account on the server to affect all of them.

  3. mrmist
    Forum Janitor
    Posted 3 years ago #

    Many of those Codex Pages have actually been delete already, the search is showing old data. (Sadly.)

Topic Closed

This topic has been closed to new replies.

About this Topic