WordPress.org

Ready to get started?Download WordPress

Forums

WordPress Opening wierd Websites?! (10 posts)

  1. Bucki
    Member
    Posted 1 year ago #

    Hi

    I have a slight idea but not sure where to start!!
    I noticed that sometimes, by simply clicking around my website ... on menus etc, it suddenly sends me to a different ADVERTISEMENT sites!

    I confirmed that with my other friend, and the same thing happened to him. I guess it must be a script within the WORDPRESS ... how would I check for those type of scripts!?

    Any ideas ?!

    THANKS

  2. fonglh
    Member
    Posted 1 year ago #

    I guess it must be a script within the WORDPRESS

    It's not. It sounds like you've been hacked. Perhaps someone else will pop in with the links to all the resources you can read up on.

  3. Anik
    Member
    Posted 1 year ago #

    yesa, check for some iframe tag in the footer of the site. you will find some deceptive java codes in your source code. if you want you can send us your site link and we will go from there.

  4. Bucki
    Member
    Posted 1 year ago #

    No way man ... I dont believe I been hacked.
    Otherwise that person, could just delete the whole site.

    I am thinking probably, one of the PLUGINs had a malicious script
    Probably, even if I disable all plugins, it wont delete it ?

  5. It could be plugins, it could be your theme, or you could be hacked.

    Longer answer follows. ;)

    Visit http://sitecheck.sucuri.net/scanner/ and scan your site. It never hurts and if you come up as hacked then skip to the hacked links below.

    Even if it comes up clean you still may be hacked but a positive from them would save time.

    After that look at the usual troubleshooting 101 steps and try

    - deactivating all plugins to see if this resolves the problem. If this works, re-activate the plugins one by one until you find the problematic plugin(s).

    - switching to the Twenty Eleven theme to rule out any theme-specific problems.

    - resetting the plugins folder by FTP or PhpMyAdmin. Sometimes, an apparently inactive plugin can still cause problems.

    - re-uploading the wp-admin and wp-includes folders from a fresh download of WordPress.

    After you've switched to Twenty Eleven and confirmed that your plugins have been deactivated then visit your site. Still getting that advertisement redirection?

    Lastly, post via pastebin.com your .htaccess file. I have a feeling that's where the hack is.

    If after all that you now feel your site is hacked then proceed to look over these links.

    You need to start working your way through these resources:
    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/

    Additional Resources:
    http://sitecheck.sucuri.net/scanner/
    http://www.unmaskparasites.com/
    http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
    http://codex.wordpress.org/Hardening_WordPress
    http://www.studiopress.com/tips/wordpress-site-security.htm

  6. Bucki
    Member
    Posted 1 year ago #

    Hi

    The Security SiteCheck, says everything is allright.

    .htaccess

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress
    
    # Start CloudFlare:rilindjaislame.net rewrite. Do not Edit
    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^rilindjaislame.net
    RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
    # End CloudFlare rewrite.

    If I reset the PLUGins, will it delete anything??
    meaning, within the posts etc?

  7. ...Did you switch to Twenty Eleven as outlined above...?

    If I reset the PLUGins, will it delete anything??
    meaning, within the posts etc?

    Switching themes or deactivating plugins never deletes posts or pages. You may have some theme or plugin options reset but your data should be fine. Your posts, pages, and comments will be untouched.

    If you really want to play it safe (safe is good) then make a compete backup of the files and database before doing anything else.

    http://codex.wordpress.org/WordPress_Backups
    http://codex.wordpress.org/Backing_Up_Your_Database
    http://codex.wordpress.org/Restoring_Your_Database_From_Backup

    That way if something really bad happens then you can restore it all with that backup.

    Also, can you share the link to your site?

  8. Bucki
    Member
    Posted 1 year ago #

    Jan...

    The site is not published yet, well it is but using an "under construction" plugin which displays ONLINE SOON to not registered users!

    You know, it is deffenitely one of the plugins, because I had the case other day where I did deactivate all plugins and I didnt notice that site much but then I disabled few of them and then I noticed it ...

    Guess will have to pin point each individually.

    Regards the website link: it does not pop up all time .. it does obsessionally and not often.

    ps: will have to go to UNI in a bit, try this after I come back

    Thanks

  9. Bucki
    Member
    Posted 1 year ago #

    "but then I enabled few of them and then I noticed it ..." << correct!

  10. Bucki
    Member
    Posted 1 year ago #

    I found solution: I THINK!

    The theme had a script within the function.php
    that was using hacking codes to display random ADs websites

    See here:

    http://wordpress.org/support/topic/unwanted-jquery-script/page/2?replies=52#post-3254609

Topic Closed

This topic has been closed to new replies.

About this Topic