WordPress.org

Support

Support » How-To and Troubleshooting » Hidden Spam Links

Hidden Spam Links

  • awkward_clam
    Member

    @awkward_clam

    Hi,

    My site is here:

    http://www.yourvancouvermortgagebroker.ca

    If you look at the source, at the very bottom, there is the following code:

    </script>
    
    	<script type='text/javascript' src='https://www.yourvancouvermortgagebroker.ca/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.47'></script>
    <script type='text/javascript' src='https://www.yourvancouvermortgagebroker.ca/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.2'></script>
    <a href ="http://webhost.wboy.org"><img src="https://www.yourvancouvermortgagebroker.ca/wp-content/themes/Minimal/images/blank.gif" height="1" width="1" /></a>	
    
    </body>
    
    </html>

    I’m trying to figure out where the wboy.org link came from and how to get rid of it. Not sure which file it’s in. I downloaded this theme from a site so it could be filled with spam, is there any way to… scan your themes? Should I be worried of anything else malicious on my site?

    Thanks,

    J

Viewing 7 replies - 1 through 7 (of 7 total)
  • elfin
    Participant

    @elfin

    I’m guessing it is part of the theme because the link to the image is within the Minimal theme that you are using.

    It could be in footer.php, but also may be added via functions.php

    awkward_clam
    Member

    @awkward_clam

    Can’t seem to find it anywhere…

    It rotates around spam links, ie: it’s a different link (out of 4) every hour or so.

    Functions.php:

    <?php 
    
    require_once(TEMPLATEPATH . '/epanel/custom_functions.php'); 
    
    require_once(TEMPLATEPATH . '/includes/functions/comments.php'); 
    
    require_once(TEMPLATEPATH . '/includes/functions/sidebars.php'); 
    
    load_theme_textdomain('Minimal',get_template_directory().'/lang');
    
    require_once(TEMPLATEPATH . '/epanel/options_minimal.php');
    
    require_once(TEMPLATEPATH . '/epanel/core_functions.php'); 
    
    require_once(TEMPLATEPATH . '/epanel/post_thumbnails_minimal.php');
    
    $wp_ver = substr($GLOBALS['wp_version'],0,3);
    if ($wp_ver >= 2.8) include(TEMPLATEPATH . '/includes/widgets.php'); ?>

    Footer.php:

    <div id="footer" >
    		<div id="footer-content">
    			<ul id="bottom-menu">
    				<?php global $is_footer, $page_menu, $category_menu;
    				$is_footer = true;
    				elegant_init();
    
    				if (get_option('minimal_home_link') == 'on') { ?>
    					<li <?php if (is_front_page()) echo('class="current_page_item"') ?>><a href="<?php bloginfo('url'); ?>"><?php _e('Home','Minimal'); ?></a></li>
    				<?php }; ?>
    				<?php if ($category_menu <> '<li>No categories</li>') echo($category_menu); ?>
    
    				<?php echo $page_menu; ?>
    			</ul> <!-- end ul#bottom-menu -->
    
    		</div> <!-- end #footer-content -->
    	</div> <!-- end #footer -->
    </div> <!-- end #page-wrap -->
    
    	<?php include(TEMPLATEPATH . '/includes/scripts.php'); ?>
    
    	<?php wp_footer(); ?>
    </body>
    </html>

    And scripts:
    [code block removed as per the forum guidelines]

    See anything out of the ordinary?

    elfin
    Participant

    @elfin

    Looks like it’s a complex theme, you’ll have to do a search for wp_footer in all the files looking out for add-action then check every function

    eg add_action('wp_footer','thefunctionname');

    and see if you can find where it is being added.

    awkward_clam
    Member

    @awkward_clam

    Hey thanks for your replies.

    I did a full text search of all the files, and this is the only wp_footer add_action that came up:

    function integration_head(){
    	global $shortname;
    	if (get_option($shortname.'_integration_head') <> '' && get_option($shortname.'_integrate_header_enable') == 'on') echo(get_option($shortname.'_integration_head'));
    };
    add_action('wp_head','integration_head',12);
    
    function integration_body(){
    	global $shortname;
    	if (get_option($shortname.'_integration_body') <> '' && get_option($shortname.'_integration_body_enable') == 'on') echo(get_option($shortname.'_integration_body'));
    };
    add_action('wp_footer','integration_body',12);

    Is this normal?

    Thanks.

    elfin
    Participant

    @elfin

    No idea(I’m not familiar with that theme), you’d have to now follow that code through and find out what us stored in those option values. You’ll need to find out what $shortname equates to first then look for $shortname.’_integration_body’ in the wp_options table.

    awkward_clam
    Member

    @awkward_clam

    Sorry, I’m really new with this stuff. So in which file would I find what $shortname equates to? And you’re talking about wp_options table through phpmyadmin?

    thanks

    elfin
    Participant

    @elfin

    sorry but no idea in which file it’s set up.

    And yes in the database.

    Just remember it might not be the cause and could be something innocent, and the problem may lie elsewhere.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Hidden Spam Links’ is closed to new replies.