Title: WordPress Breach
Last modified: August 21, 2016

---

# WordPress Breach

 *  [TheB741](https://wordpress.org/support/users/theb741/)
 * (@theb741)
 * [12 years ago](https://wordpress.org/support/topic/wordpress-breach/)
 * My site, [thelonetree.org](http://www.thelonetree.org) , has been breached. An
   opposing rival has become jealous of my intelligence on the web and has chose
   to breach my site. He has decided to tease me by placing a small black face on
   the bottom of my page, near the footer. I wish to know how he did this, and how
   it can be removed. He did not use the source code for I am on a computer he does
   not have access to, my personal computer. This as come up before at my other 
   post, however it went away. Yet now it is back. I need this issue solved before
   I have to go to other “sources”. (Just checked page source and found nothing)(
   Be aware that it comes and goes, which is making me insanely mad!)

Viewing 7 replies - 1 through 7 (of 7 total)

 *  [jon](https://wordpress.org/support/users/adiant/)
 * (@adiant)
 * [12 years ago](https://wordpress.org/support/topic/wordpress-breach/#post-4908421)
 * For you, maybe, but it is not there for me to see, so I tend to agree with esmi
   in your original post: the computer you are looking at things from is the problem,
   not the web site.
 * I see you have posted again on this, so I’ll leave it at this.
 *  [Clayton James](https://wordpress.org/support/users/claytonjames/)
 * (@claytonjames)
 * [12 years ago](https://wordpress.org/support/topic/wordpress-breach/#post-4908432)
 * so…. you’re seeing a smiley face in the footer? Does it look like this?
 * `www.thelonetree.org/wp-content/plugins/jetpack/_inc/images/stats-smiley.gif`
 *  [Clayton James](https://wordpress.org/support/users/claytonjames/)
 * (@claytonjames)
 * [12 years ago](https://wordpress.org/support/topic/wordpress-breach/#post-4908439)
 * Yeah. Here you go. Here’s your last cached home page at Google (May 9, 2014 13:
   17:58 GMT):
 * `http://webcache.googleusercontent.com/search?biw=1680&bih=923&sclient=psy-ab&
   q=cache%3Athelonetree.org+&oq=cache%3Athelonetree.org+&gs_l=hp.3..0l4.1650.4054.0.4259.7.7.0.0.0.0.219.873.0j4j1.5.0....
   2...1c.1.43.psy-ab..2.5.824.DhovWeU2Ueg&pbx=1`
 * Notice the black smiley face in the footer on the cached page. Here’s the source
   for the image on the cached page: `<img alt="" src="http://stats.wordpress.com/
   g.gif?host=webcache.googleusercontent.com&rand=0.3653437604134473&v=ext&j=1%3A2.9.3&
   blog=63561127&post=12&tz=0&ref=" id="wpstats">`
 *  [Pioneer Web Design](https://wordpress.org/support/users/swansonphotos/)
 * (@swansonphotos)
 * [12 years ago](https://wordpress.org/support/topic/wordpress-breach/#post-4908441)
 * It’s from Jetpack….just find the setting and turn it off..
 *  Thread Starter [TheB741](https://wordpress.org/support/users/theb741/)
 * (@theb741)
 * [12 years ago](https://wordpress.org/support/topic/wordpress-breach/#post-4908446)
 * Thank you so much ClaytonJames! I assume clearing the cache of my site would 
   fix te probelm, however how did my enemy do this?
 *  [Clayton James](https://wordpress.org/support/users/claytonjames/)
 * (@claytonjames)
 * [12 years ago](https://wordpress.org/support/topic/wordpress-breach/#post-4908450)
 * I seriously doubt (based just on what I see) there is any ‘hacking’ involved.
   The smiley face is evidence of the use – or uniformed misuse – of the wp-stats
   feature included in the jetpack plugin, or other wp-stats script.
 * The worse case scenario I envision happening here, is that you gave someone administrative
   access to your site and they turned a wp-stats plugin on or off -or- changed 
   the visibility of the smiley through a simple edit of a css file. It’s more likely
   that a little research and experimentation with the available documentation for
   wp-stats would
    assuage your hacking fears.
 * wp-stats, jetpack, wp-stats smiley face, and any of many other variations of 
   that query are both abundant, and easily searchable here in the forums and – 
   if you prefer – on Google.
 * I really don’t think you have any issues of nefarious intent present surrounding
   that smiley face.
 *  Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/)
 * (@jdembowski)
 * Forum Moderator and Brute Squad
 * [12 years ago](https://wordpress.org/support/topic/wordpress-breach/#post-4908460)
 * Please do not create duplicate topics.
 * [https://wordpress.org/support/topic/website-hackbreach?replies=6](https://wordpress.org/support/topic/website-hackbreach?replies=6)
 * Closing this one, continue there as needed.

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘WordPress Breach’ is closed to new replies.

## Tags

 * [breach](https://wordpress.org/support/topic-tag/breach/)
 * [Face](https://wordpress.org/support/topic-tag/face/)
 * [small](https://wordpress.org/support/topic-tag/small/)
 * [sources](https://wordpress.org/support/topic-tag/sources/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 7 replies
 * 5 participants
 * Last reply from: [Jan Dembowski](https://wordpress.org/support/users/jdembowski/)
 * Last activity: [12 years ago](https://wordpress.org/support/topic/wordpress-breach/#post-4908460)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics