Support » Fixing WordPress » WordPress issue on search that propagate spam

  • Hi all,

    since few days i’m expectiing a strange error on my php-error.log:

    Illegal mix of collations (utf8_general_ci,IMPLICIT) and (utf8mb4_unicode_ci,COERCIBLE) for operation 'like' per la query SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND (((wp_posts.post_title LIKE '%👐🧩 Comprar Priligy Online - 🔥 www.CoopPharmacy.store 🔥 <- Pharmacy link 🧩👐Priligy Tablets Buy Online - Buy Priligy Tablets%') OR (wp_posts.post_excerpt LIKE '%👐🧩 Comprar Priligy Online - 🔥 www.CoopPharmacy.store 🔥 <- Pharmacy link 🧩👐Priligy Tablets Buy Online - Buy Priligy Tablets%') OR (wp_posts.post_content LIKE '%👐🧩 Comprar Priligy Online - 🔥 www.CoopPharmacy.store 🔥 <- Pharmacy link 🧩👐Priligy Tablets Buy Online - Buy Priligy Tablets%'))) AND (wp_posts.post_password = '') AND wp_posts.post_type IN ('post', 'page', 'attachment') AND (wp_posts.post_status = 'publish') ORDER BY wp_posts.post_date DESC LIMIT 0, 10 fatta da require('wp-blog-header.php'), wp, WP->main, WP->query_posts, WP_Query->query, WP_Query->get_posts

    After some investigations, i found that this error is raised by Google search, as mod_security confirm (https://pastebin.com/uqyqSZKk), using search feature of my WP blog. Seems caused by a misleading/mismatching handling of encoding in search functions, that print-out (and cache) spam message.

    Any ideas/hints how to solve this issue?

Viewing 8 replies - 1 through 8 (of 8 total)
  • I strongly suggest you to use WordFence and scan your site. It appears that your site has been infected with some malicious code, but we won’t know until you scan your site.

    Did you ever get a full answer for this? I too see this in one of the sites. In a month, it raised the error log over 30MB in size. That is ridiculous. I looked for keywords within the error (the spam messages) to make sure nothing exists in any of the tables within the DB as well as any of the files.

    I honestly thought it was spam comments that were thankfully being blocked by Asmiket or whatever, but then I finally ran into this post.

    Thread Starter Michele Pinassi

    (@o-zone)

    Nothing, i found that there’s some Google searches pointing to my “spam” URLs, asking for removal. Then i modify my theme search result page, to avoid any “echo” of the spam message. But, unfortunately, sometimes (once/twice a week) my log raised another error 🙁

    That is so incredibly weird and annoying.

    Joy

    (@joyously)

    The no-index on search pages has been fixed in 5.7. https://core.trac.wordpress.org/ticket/52457

    jh20001

    (@jh20001)

    Joy, this is really good to hear. I just cleared my error log after a week (since last clear) yesterday and it was at 39.8MB in size. It’s been getting ridiculous for so unbelievably long now.

    Then again, taking a look. It is WP 5.7.1 and still getting this. (sshot coming in a second)

    Screenshot example of some of the log entries: https://i.imgur.com/Tyq40xM.jpg

    • This reply was modified 5 months ago by jh20001.
    • This reply was modified 5 months ago by jh20001.
    • This reply was modified 5 months ago by jh20001.
    Joy

    (@joyously)

    Actually, I was thinking this was a different issue. I don’t know if there’s a ticket for this one. It might be a good idea to make sure the input is the same collation as used in the database, before searching.
    You can write a new ticket (search for one first) at https://core.trac.wordpress.org/

    jh20001

    (@jh20001)

    I may have to step back and let Michele Pinassi (op) consider this one. I am still up in the air on how to completely detail this one in words. It falls outside of my knowledge in areas that I’d be worried about not wording it properly.

Viewing 8 replies - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.