Support » Everything else WordPress » Spammers Break In

  • I recently went to edit a post thats a FEW DAYS old, and found that this additional info was added to the end of my post.

    <u style="display: none">
    <a href=>index.html.</a><br />

    with about 50 more linkes below that one.

    anyone else had this problem?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Did you install AddThis plugin? Could it be you have an old version of this plugin? Did you try disableing the plugin?
    Are these links coming in as comments?If so, you might want to change your comment permissions. Go to your Options and select “Users must be registered and logged in to comment”. Dont for get to select also “Anyone can register”, so users can register, otherwise there will be no register link.

    I get all coments for moderation, never comments get posted directly on my blogs. So I moderate any, and all comments always.

    Please let us know exactly what is going on, it’s not really clear…

    additional info was added to the end of my post

    In your post or as comment?

    All will turn out well Im sure.

    Thanks ricardolopes,

    Here is what happened. I had a template file single.php writable by the server, so that I could edit the file from the WP Theme Editor.

    This allowed a third party spammer to write a bunch of hidden links into my template file.

    This also happened to another site of mine, and the google crawler bot ended up seeing it, and removing that site from the search engine index. I’ve had to fix the site, submit it to google for reconsideration, and now have to wait several weeks before it will appear on google once more..

    this is another lesson in security! always keep your template files and .htaccess at CHMOD 644!

    I can go you one better. UPGRADE. I see you are using WP version 2.3. So it’s prone to hacking. I’d suggest upgrading to 2.5.1. You might want to export your WP database file to an *.sql file and open it with Notepad and do a lookaround and make sure there’s no suspicious code there before you upgrade. That way you know your database wasn’t compromised. 🙂

    that IS a better one. I actually already did that immediately after the incident. thanks! 😉

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Spammers Break In’ is closed to new replies.