inspired2write

Hi lovablechelsey,

I’m in a similar boat with you. My site was also attacked with a script mentioned here by another member:

http://wordpress.org/support/topic/210013?replies=8

Read the members last post in that thread. The member stated that the script was hiding on their hosts server, and until it was deleted from the server it resurfaced on that persons blog. Hope that might help, if the seoegghead doesn’t fix your challenge.

Have you checked to see if it’s a browser problem? Check to see what happens when you use another browser to access your site. Not sure what else to suggest without more info.

Hi NuevolutionWD,

Just in case, you might want to check out this forum:
http://wordpress.org/support/topic/210013?replies=8

You may want to check to make sure your site was not hit with a malicious script, as mentioned in that forum thread. I’m in the process of cleaning up my 2.7.1 site, which was hit with the same script mentioned in the above thread. The script causes a “headers already sent” error, which was from iframe urls placed into the site header, and footer, and in my case also prevented me from logging into my WP Admin dashboard.

Check “view page source” from your site and see if there are any “iframe urls” listed above your header codes. (Just one way to look for it to begin with). I’m hoping it’s not what has happened to you, because it’s a nightmare to clean up! 🙁

Just discovered my site has been hacked today too. 🙁 The problem first showed when a BadBehavior error message came up, indicating the headers were already sent, so I looked at my page source and saw the header iframe hack, which is showing the source from: worldnamebuy.cn.

Although I can access my website’s home page and other pages, I cannot access my WordPress admin panel when I attempt to login. The last time I accessed my site without any problem was late last week. I thought I would report here one of the last things I did last week from my admin panel, prior to this problem. I deleted 4 spam comments, which Akismet caught, but had gotten past BadBehavior.

Prior to that I had updated my BadBehavior software from within the WordPress admin panel, but unfortunately after doing so I read over on BadBehaviors site that depending on what version of WordPress and BadBehavior you had, that you should instead do the upgrade from within your ftp, not from with the WordPress panel.

I hope my information in regards to what I was doing last on my site before the hack may help someone avoid the same pain, assuming there may be any connection. I also use Firefox with numerous extensions, and will need to check those out.

McRebbe,

This will probably not help you in regards to validation, but you should consider upgrading your WordPress to the current 2.05 for security reasons. Just thought I would mention that since you indicated you are running 2.02

Yes, I hope that provides you with a resolve! I love a good mystery, but I think I would rather play a game of clue! 😀

Let us know if that fixes the challenge!