Phantom Posts Appearing On My Site

  • Resolved zeekstern

    (@zeekstern)


    9 years, 3 months ago

    Somehow I am getting posts appearing on my site that is not from me. It looks like purely scraped random content from various sites, all in different subjects. Car dealerships, medical sites, summer swim programs in Staten Island NY etc.

    I first noticed the random posts a few weeks ago and manually deleted files/posts using the File Manager in my hosting control panel. I found a directory that had them in it and just deleted the files and was careful not to delete any WP files etc. I can’t remember the name of the directory, and can’t get into my hosting site because I changed the passwd and forgot to write it down.:)) I did that to see if any more posts would appear, and they did so I know someone isn’t logging into my site and using my hosting CPanel to do anything.

    I am just now learning WP and everything seems pretty straight forward with regards to using the WP Admin control panel, or whatever you call it. I am in the WP control panel and can see where the offending posts are and can move them to the Trash Bin.

    But, I need to figure out how the posts are getting there to begin with. The crook who set this site up for me did not use a hosting Cronjob to schedule anything so everything must be coming from WP internally. I see where he is using a Plugin, “WP Missed Schedule – RC2013” that I can Deactivate but that won’t tell me how the posts are getting into my site.

    I also saw where WP lets you write posts and allows you to schedule them for future posting. For that to happen, those posts would need to be stored in a directory somewhere on my site, but I haven’t found that yet. And it appears that WP must have some kind of internal Cronjob feature since you can schedule posts to appear at a later date.

    If anyone can help me figure out how the posts are getting in and how to stop it, I would greatly appreciate it. In the mean time I will deactivate the Missed schedule plugin I mentioned earlier and delete the offending posts using the WP admin panel.

    I realize that WP needs to be updated, and I will try that once I get this problem fixed. According the the crook who set this up, later versions broke his code and said that we needed to just stay with this version. My mistake!!

Viewing 6 replies - 1 through 6 (of 6 total)
  • Hassan Akhtar

    (@khaxan)

    9 years, 3 months ago

    Hi. Plugins (and even themes) can control every aspect of your WordPress website. So if no one is accessing your website from the cPanel OR the WP dashboard then the problem must be coming from a plugin (or theme). You should get rid of all the plugins that seem even the tinniest bit suspicious. You should also follow the tips and guidelines give here:

    http://codex.wordpress.org/Hardening_WordPress

    Thread Starter zeekstern

    (@zeekstern)

    9 years, 3 months ago

    Thank you very much for the quick reply and link for the guidelines.

    I am pretty sure someone can’t get in via cPanel, but not sure about WP dashboard. I have been familiarizing myself with the dashboard and just saw where there are 566 posts Pending. Do you know where these Pending posts are stored? Wouldn’t they have to be somewhere in a directory on my website underneath WP? So far they are all spam scraped content from other websites and I am deleting them.

    I only have a few plugins (3 or 4) and the one that appears to be killing me is that one I mentioned earlier. I wouldn’t think the wordpress.org site would allow a plugin with malicious code on their website.

    Thanks again for your help!! I’m off to read the hardening guidelines. Maybe I can find something in there to shed some light on what is going on.

    Hassan Akhtar

    (@khaxan)

    9 years, 3 months ago

    All the posts are stored in the MySQL database.

    Thread Starter zeekstern

    (@zeekstern)

    9 years, 3 months ago

    Really? If that is the case, is it possible that the DB has code in it that goes out and scrapes up the new content?

    I see in my notes where there is a phpMyAdmin User and a Database User and Passwd. So I will change the DB user/passwd. I didn’t see a passwd for phpMyAdmin, but if there is a way to change that, I will do that too. That link you gave me probably has it in there.

    Now I’m wondering how in the world a WordPress site can rank good in Google if the data is in the DB. There wouldn’t be much for the bots to read when it gets to the site other than meta data:)) I can see where I have a lot of reading to do about WP.

    Thanks Hassan. Much appreciated!!

    Hassan Akhtar

    (@khaxan)

    9 years, 3 months ago

    The thing about Google isn’t true. WordPress websites rank very well in search engines. Bots see the page just like normal visitors. They just don’t execute the JavaScript.

    Thread Starter zeekstern

    (@zeekstern)

    9 years, 3 months ago

    OK. I found a few sites that explains how WP works as well as the WP themes. I will read those tomorrow as well as the links you gave me. By then I will have a better understanding of how WP works and what I need to do to my site.

    After reading all that, maybe I’ll find out how those phantom posts got onto my website. The date on the earliest post goes back to March of last year.

    In any case, thanks again for your help!! I’ll go ahead an mark this as resolved.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Phantom Posts Appearing On My Site’ is closed to new replies.