Support » Fixing WordPress » Hacked? Huge link farm added to footer

  • A huge link farm keeps getting added to my blog, more specifically to the footer.php.

    This has resulted in an exclusion by Google.

    I keep removing it but it always comes back again. How is this happening and how can I make it stop?!

    Theme is Green Marinée 1.0
    Active plugins are
    Akismet 1.15
    flickrRSS 3.1.2
    SimpleTags 2.0
    WPvideo 1.10
    Wordpress database backup 1.7

    The spam link farm that’s added is huge but here are a few lines from it.

    <!-- ~ --><u style="display:none"> <a href="">feedster on viagra</a> <a href="">diazepam belgrade 1999</a>

Viewing 10 replies - 1 through 10 (of 10 total)
  • your website?

    URL is

    The spam is there right now (bottom of source code). If I would remove it it would come back within hours.

    i’ve had a similar problem, except in my case the most recent post is taken down and a huge set of code is plugged in to the bottom of it. i have to go back to the edit mode, remove the code, and re-post it, only to have it taken down in a few hours with more code in there. any help with this would be greatly appreciated!

    my site is

    and here is some of the code

    </p><u style=display:none>Order Naprosyn
    Purchase Pilex
    Buy Lanoxin
    Purchase Zyban
    Cheap Penisole

    Please, can anyone shed some light on this problem?

    You are using an outdated version of WordPress that’s vulnerable to hacking.

    We are using a 2.6 version of WordPress…updated last summer just to avoid this very same problem, and now the hackers have found a way to get to the footer in these newer versions as well. The blog that was hacked doesn’t even allow people to register to comment 🙁 It’s an arms race, folks….we use rex swain’s http viewer daily to check for these. I recommend you do the same.

    Current version is 2.6.5. The reason for these updates is to close vulnerabilities like you are experiencing. You need to update every time a new version comes out to avoid hacking.

    Updating WordPress for the three blogs I maintain is a huge investment in time, and then we get hacked anyway. I’ll do it, if it solves this hack, but otherwise it’s actually faster to use Rex Swain and upload a fresh footer whenever we’re hacked. It sure would be nice if WP could make the upgrade bit easier…hint hint hint 🙂

    I have 2.8.2 and have the same problem… can’t figure out how they are doing it…





    I have 2.8.2 and have the same problem… can’t figure out how they are doing it…

    they keep doing it because youre running an exploitable version of wordpress, and, secondly, you havent closed the holes that have been created.

    Moderator Samuel Wood (Otto)

    (@otto42) Admin

    When a site gets hacked, usually they leave themselves a backdoor. This is a way back in, even if you upgrade to the latest version. You need to find the backdoor and examine server logs to determine how they got in in the first place.

    If you’re using shared server hosting, then it’s quite likely that they didn’t get in via WordPress.

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘Hacked? Huge link farm added to footer’ is closed to new replies.