Disappearing Widget (6 posts)

  1. doakh
    Posted 3 years ago #

    This site http://www.lbisource.com/ has been hacked. The only visible problem is when you click on the 'read more' link at the bottom of 'the island skinny' widget. In fact this widget does not show up in the Sidebar on the Widget page. So it has been 'hidden'.

    - I found some suspicious code in the header.php file after viewing the source code:
    [Code moderated. Please do not post hack code blocks in the forums. Please use the pastebin]

    - I replaced the wp-admin & wp-includes folders. I notice they had ~10 more files than they should have.
    - After replacing the core files a script appeared ( an advertisment in words )in the top of header. I removed it from the header.php file and it went away.

    The site has not been been updated as required. I found one plugin http://wordpress.org/plugins/ttftitles/ that had not been supported since 2007!

    Any ideas how to get the widget back.


  2. esmi
    Forum Moderator
    Posted 3 years ago #

  3. doakh
    Posted 3 years ago #

    Thanks, It is nice to have all the resources in one place. I fixed her site. The intruder has set up a user as 'sysadmin' which I gather is common.

  4. WebTechGlobal
    Posted 3 years ago #

    Ah so it's not your site. That explains it. I was initially wondering how someone with knowledge of WordPress could let the site get in that state.

    Well done ;)

  5. doakh
    Posted 3 years ago #

    Sorry, I should have posted the code in pastebin. She is an elderly women ( not tech savvy ) and unfortunately hosts at GoDaddy. I did notice though they changed the db prefix ( after they found out she was hacked ) before I had a chance to.

  6. doakh
    Posted 3 years ago #


    I also found a plugin 'wpppm' that did not show up in the Dashboard. It accessed her .htaccess and hijacked the 404 error page.

Topic Closed

This topic has been closed to new replies.

About this Topic


No tags yet.