My client’s website has been hacked. A few pages of the site have “cialis” titles in google, and display “cialis” info when you paste a link to the page into facebook. One visitor was actually served a spam “cialis for order” page when visiting the site and sent a screenshot, but I cannot recreate that issue. The problem can be seen here: hacked and here’s a screenshot of what one visitor saw: screenshot
It appears to be some version of the “pharma” hack, but I’ve searched through every folder/file on the server and I can’t find anything that looks suspicious. The code on all the pages looks fine – there are no visible links or redirects. htaccess is fine. I’ve looked for the files listed here and searched the database for these entries: http://www.pearsonified.com/2010/04/wordpress-pharma-hack.php and didn’t find anything. I’ve spent the last few hours doing a directory comparison with the original install files and didn’t find anything awry.
Does anyone have any info on how to find and fix this? Any help is appreciated.
- The topic ‘site hacked. help please?’ is closed to new replies.