Title: Moe's Replies | WordPress.org

---

# moeo

  [  ](https://wordpress.org/support/users/moeo/)

 *   [Profile](https://wordpress.org/support/users/moeo/)
 *   [Topics Started](https://wordpress.org/support/users/moeo/topics/)
 *   [Replies Created](https://wordpress.org/support/users/moeo/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/moeo/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/moeo/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/moeo/engagements/)
 *   [Favorites](https://wordpress.org/support/users/moeo/favorites/)

 Search replies:

## Forum Replies Created

Viewing 13 replies - 1 through 13 (of 13 total)

 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Chinese SEO results?](https://wordpress.org/support/topic/chinese-seo-results/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [1 year, 2 months ago](https://wordpress.org/support/topic/chinese-seo-results/#post-18336906)
 * It’s certainly Japanese keyword hack. Here is a snippet of how your website source
   code looks like and loading malicious japanese content from .jp domains etc [https://snipboard.io/5NbBwp.jpg](https://snipboard.io/5NbBwp.jpg)
   
   This [free malware scanner](https://scan.moesec.com/scan?site=madoskampas.lt)
   is confirming the Japanese keyword hackIn addition to the previous recommendation,
   This [guide ](https://moesec.com/blog/how-to/understanding-the-japanese-keyword-hack/)
   may help spotting/finding and cleaning this case
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Breadcrumbs Shortcode] Malware?](https://wordpress.org/support/topic/malware-166/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [1 year, 4 months ago](https://wordpress.org/support/topic/malware-166/#post-18239155)
 * Hey [angeljs](https://wordpress.org/support/users/angeljs/)
   You can compare that
   file to another clean copy and see if there is any difference? It may be a false
   positive or so. If you can share the code/screenshot of it or a pastebin link
   for it I would be happy to check it for you. NB: I’m not associated with any 
   of the plugins involved here, just trying to help.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [After removing malware, clicks to “somesite.com/[string]”](https://wordpress.org/support/topic/after-removing-malware-clicks-to-somesite-com-string/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [1 year, 4 months ago](https://wordpress.org/support/topic/after-removing-malware-clicks-to-somesite-com-string/page/2/#post-18206622)
 * @[slywy ](https://wordpress.org/support/users/slywy/)
   The website is blacklisted
   so you may need to work on getting it removed from the blocklists. Thank you[https://www.virustotal.com/gui/url/11e807919d33eca7c2435c4147aeee3b6ecead591ef18032caf502aaeb529426](https://www.virustotal.com/gui/url/11e807919d33eca7c2435c4147aeee3b6ecead591ef18032caf502aaeb529426)
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Useful Tool | Base64 Malware Detector | SiteGuarding](https://wordpress.org/support/topic/useful-tool-base64-malware-detector-siteguarding/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [1 year, 5 months ago](https://wordpress.org/support/topic/useful-tool-base64-malware-detector-siteguarding/#post-18184029)
 * Hello
 * Just commenting on “I haven’t found any other online tool that does this” Several
   website security providers are offering free external website security scan. 
   However, Just few that really detect & analyze sophisticated malware injections(
   i.e: credit card skimmers, etc). The rest are just looking for basic patterns
   such as base64 or specific keywords. Just Google free website scanner or checker
   and you will find many others that you can try. Have a great one
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] The website is repeatedly attacked by hackers](https://wordpress.org/support/topic/the-website-is-repeatedly-attacked-by-hackers/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [1 year, 5 months ago](https://wordpress.org/support/topic/the-website-is-repeatedly-attacked-by-hackers/#post-18149627)
 * [@lubos55](https://wordpress.org/support/users/lubos55/) Unfortunately, Some 
   website security scanners as well as some antivirus products are still reporting
   live malware on your website. I’ve tested it and still see redirecting to livedashboard
   and other malicious websites.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Free malware scan/clean](https://wordpress.org/support/topic/free-malware-scan-clean/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [1 year, 7 months ago](https://wordpress.org/support/topic/free-malware-scan-clean/#post-18074152)
 * Maybe it was used previously by you or your developer/webmaster. If you have 
   other valid backups for your site then you can safely remove this folder if you
   want.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Free malware scan/clean](https://wordpress.org/support/topic/free-malware-scan-clean/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [1 year, 7 months ago](https://wordpress.org/support/topic/free-malware-scan-clean/#post-18074058)
 * The old folder updraft/themes-old/ is associated with your updraft plugin. Check
   the exact malware warning or check the content of this folder as it may contain
   malicious/suspicious files.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Free malware scan/clean](https://wordpress.org/support/topic/free-malware-scan-clean/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [1 year, 7 months ago](https://wordpress.org/support/topic/free-malware-scan-clean/#post-18073975)
 * [@androidandreas](https://wordpress.org/support/users/androidandreas/) Your website
   is still infected with SEO spam as you can see in this screenshot [https://snipboard.io/MJ8CiY.jpg](https://snipboard.io/MJ8CiY.jpg).
   You may need to search your db/files for it first hopefully you can find and 
   remove it and it may be encoded or hidden somewhere else in any files or any 
   db entries. so a full check may be needed.
 *   Forum: [Networking WordPress](https://wordpress.org/support/forum/multisite/)
   
   In reply to: [Strange files with many .json-docs in wp-content](https://wordpress.org/support/topic/strange-files-with-many-json-docs-in-wp-content/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [1 year, 8 months ago](https://wordpress.org/support/topic/strange-files-with-many-json-docs-in-wp-content/#post-17992679)
 * It seems to be associated with the Real Cookie Banner plugin, Do you recognize
   or use it on your website or anything from devowl?
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [error 403 after changing hostings manually](https://wordpress.org/support/topic/error-403-after-changing-hostings-manually/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [1 year, 11 months ago](https://wordpress.org/support/topic/error-403-after-changing-hostings-manually/#post-17782038)
 * `: AH01276: Cannot serve directory /home/name/public_html/wp-content/uploads/:
   No matching DirectoryIndex`
 * This error means that there is no index file inside your uploads folder so you
   can try to create/upload an empty index.php inside it and see if that works.
 * Also, Do you have any options flag in your .htaccess file? Whether the main one
   under public_html or the one in your uploads folder? Probably a security plugin
   added this for hardening or it’s a global webserver config to prevent directory
   listing for security reasons.
 *   Forum: [Networking WordPress](https://wordpress.org/support/forum/multisite/)
   
   In reply to: [Multisite large database](https://wordpress.org/support/topic/multisite-large-database/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [1 year, 11 months ago](https://wordpress.org/support/topic/multisite-large-database/#post-17782022)
 * Hello
   We use master-slave or master-master replication setup for such huge websites
   so this is something that you may consider. Your server admin should be able 
   to set it up for you.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Admin Dashboard Show but all links give a no page found](https://wordpress.org/support/topic/admin-dashboard-show-but-all-links-give-a-no-page-found/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [2 years ago](https://wordpress.org/support/topic/admin-dashboard-show-but-all-links-give-a-no-page-found/#post-17749236)
 * [@algisj](https://wordpress.org/support/users/algisj/) The spammy links are created
   by a malicious code injected in one of your files or in your db entries. It may
   be due to spammy .htaccess rewrite rules as well so this is a good start point
   to search and check your .htaccess files and try replacing the core WP folders(
   wp-admin & wp-includes) using a clean & fresh copy of WP and check the timestamps
   of your wp-content files & folders, Compare it to clean copies to determine if
   something there is causing this.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Admin Dashboard Show but all links give a no page found](https://wordpress.org/support/topic/admin-dashboard-show-but-all-links-give-a-no-page-found/)
 *  [moeo](https://wordpress.org/support/users/moeo/)
 * (@moeo)
 * [2 years ago](https://wordpress.org/support/topic/admin-dashboard-show-but-all-links-give-a-no-page-found/#post-17749077)
 * Unfortunately, Your website seems to be infected by the Japanese SEO Spam hack.
   It’s trying to hide it and make it stealthy as long as possible that’s why it’s
   triggered when visited using specific useragents only.
 * An example of this SEO spam injection, this link, Remove the brackets and try
   to visit it? Your antivirus will just warn you about something malicious and 
   you will get instantly redirected to .jp and .top malicious websites.
 * neurologica[.]ai/goods/suspect101466235?id=6281
 * Here is a screenshot of the shown seo spam when visited using google bot useragent
   [https://snipboard.io/iyTG2k.jpg](https://snipboard.io/iyTG2k.jpg)
 * Here is a guide that may help fixing it [https://web.dev/articles/fix-the-japanese-keyword-hack](https://web.dev/articles/fix-the-japanese-keyword-hack)

Viewing 13 replies - 1 through 13 (of 13 total)