WordPress.org

Forums

The Support Forums will be in read-only mode for a scheduled maintenance window on 01 September 2016 14:00 UTC - 20:00 UTC. More information.

Spam somewhere in code (5 posts)

  1. bodycountpodcast
    Member
    Posted 2 years ago #

    I didn't see a recent post addressing this, so sorry if I've missed it...

    Somehow there is Viagra and Cialis spam somewhere in my site. When I post links on Facebook, it sometimes comes up as the site description. I've also seen it as the site description in a google search.

    I backed up my database, did a reinstall of WordPress, then restored the old database in my GoDaddy settings. It's still happening.

    Has anyone seen this and, if so, any idea how to find it and remove it? I can't find the code in any of the editors.

    Thanks.

  2. Tara
    Volunteer Moderator
    Posted 2 years ago #

    Scan your site for malware presence: http://sitecheck.sucuri.net/scanner/

  3. bodycountpodcast
    Member
    Posted 2 years ago #

    It found some. Now I have to go hunt for the hidden code, which will hopefully look something like what is discussed here:

    http://blog.sucuri.net/2013/07/hidemebetter-spam-injection-variant.html

    Thanks!

  4. Tara
    Volunteer Moderator
    Posted 2 years ago #

  5. WPWhiteSecurity
    Member
    Posted 2 years ago #

    Hi bodycountpodcast,

    As recommended in Sucuri's blog post, the code is not obfuscated so if you do a global search of the files content you should be able to find the link and remove it.

    Alternatively you can also replace the WordPress files and themes etc from a recent backup. By replacing the files your data in the database (such as blog posts, users and other content) will not be affected.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.