Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
Maybe that’s just the symptom of a hack, where your main concern would be to destroy any backdoors left by the hacker instead of removing the advert.
Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
But then it may be part of your theme/ plugins.
Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
Which theme and plugins are you using?
Andrew, thank you for replying. As far as I can tell (I have close to zero familiarity with WordPress), the plugins are:
- Akismet v2.5.6 (v3.0.0 available)
- Breadcrumb NavXT v4.2.0
- Contact Form 7 v3.3.1
- Custom Post Templates v1.5
- Get-a-Post vR1.4
- Hyper Cache v2.9.0.3 (v2.9.1.6 available)
- Page Links To v2.7.1 (v2.9.3 available)
- qTranslate 2.5.30
- Sociable for WordPress 3.0 v5.13
- TablePress v1.0
- the_excerptReloaded vR1
- WordPress Multiligual Sitemap v0.1
And current theme is ApertureTheme v2.4.3 by WooThemes (which seems to be discontinued, as I just found out).
WordPress version is 3.4.
As I write these lines I am realizing that this installation seems a bit outdated. Would an upgrade make sense?
Cheers,
Alex
Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
Hi Andrew, no, it’s not this site.
Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
Do you know whether all of those plugins were downloaded from the WordPress.org repository? I can’t find “Get-a-Post” for example, and I’m checking this because you can guarantee any plugin from the WordPress repository will not be responsible (as they have been reviewed before being distributed.
But it does seem like that website has been hacked and unfortunately there’s a lot of manual work involved in delousing a hacked site.
You need to start working your way through these resources:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/
Additional Resources:
http://sitecheck.sucuri.net/scanner/
http://www.unmaskparasites.com/
http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
Andrew, I will start the process for recovering this site. Thank you for such a prompt reply! –Alex