GoFuckYourself.com - Adult Webmaster Forum


femdomdestiny 04-30-2022 07:10 PM

Someone inserted links on my site
 
Hmm... I've discovered unwanted links on one of my WordPress blogs. It seems they are placed in footer.php. Below is a print screen of the code.

Does anyone have an idea how this was done and how to protect it in the future?
The theme is Generate Press and they are not having a real answer, denying it was a problem with a theme.

This site has no Wordfence plugin installed, but the other one with it had the same problem.

thanks

https://i.postimg.cc/YSWSLFqM/download.png

<div style="display:none">
<p>Are you looking for free Arab porn websites? The Internet is full of porn sites but what's the difference between porn and porno sites? Here are a few things to look out for.
Porn sites feature girls and women that are mostly dressing up to look like women and for men. They are not dressed sensuously or they are not made to look like they are being intimate with their partners.Not only are the girls dressed in something other than a short skirt, they are also often younger than the man who is watching them. And there are times when the young woman in the videos could be his girlfriend.</p>
<p><a href="*ttps://xnxxarabsex.com/categories/سكس-عربي/">arab sex</a></p>
<p><a href="*ttps://sexe-libre.org/pokimane-sex-tape-nudes-twitch-streamer">pokimane nudes</a></p>
<p><a href="*ttps://sexsaoy.com/">arab sex stories</a></p>
<p><a href="*ttps://aflamaljins.com">aflamaljins.com</a></p>
<p><a href="*ttps://russiainporn.com">russiainporn.com</a></p>
<p><a href="*ttps://afdalsex.com/">afdal sex</a></p>
<p><a href="*ttps://overpic.com/">mature sex</a></p>

sandman! 04-30-2022 08:01 PM

Wordfence might be able to clear that up. I would suggest you update all your plugins and change all your passwords also.

zerovic 04-30-2022 11:52 PM

Hi,

Make sure your WordPress and plugins are up to date. Not only the site that got injected but all sites on the server.

I would also suggest listing all newly edited files on your host, to find all affected files.

Here's a script that will do this for you:

Quote:

<?php

// Sort a list of rows by the value stored under $key, keeping the original keys.
function aasort(&$array, $key) {
    $sorter = array();
    $ret = array();
    reset($array);
    foreach ($array as $ii => $va) {
        $sorter[$ii] = $va[$key];
    }
    asort($sorter);
    foreach ($sorter as $ii => $va) {
        $ret[$ii] = $array[$ii];
    }
    $array = $ret;
}

// Recursive glob: match $pattern in its own directory and in every subdirectory.
function rglob($pattern, $flags = 0) {
    // glob() returns false on error, so fall back to an empty array
    $files = glob($pattern, $flags) ?: array();
    $dirs = glob(dirname($pattern) . '/*', GLOB_ONLYDIR | GLOB_NOSORT) ?: array();
    foreach ($dirs as $dir) {
        $files = array_merge($files, rglob($dir . '/' . basename($pattern), $flags));
    }
    return $files;
}

$dev = array();

// Collect every .php file from the parent directory down, with its modification time
$result = rglob('../*.php');
foreach ($result as $file) {
    $dev[] = array("file" => $file, "date" => date("Y-m-d H:i:s", filemtime($file)));
}

aasort($dev, "date");

foreach ($dev as $test) {
    // add a date here, let's say, 2022-04-20 to list the files modified on or after the 20th of April
    if ($test['date'] > "2022-04-20") {
        // escape the file name before printing it into the page
        echo "<div id=\"line\"><div id=\"file\">" . htmlspecialchars($test['file']) . "</div><div id=\"date\">" . $test['date'] . "</div></div><br />";
    }
}

?>
Sorry, it's a bit messy, but it will do the job.

Cheers,
z
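
Added example (not part of the thread): a content-based check to run alongside the modification-time listing above, since modification times can be reset by whoever altered the file; it flags files where a `display:none` container holds links to hosts other than the site's own, the pattern shown in the first post. The function names, the `MAX_BLOCK` cap and the `.example` hosts in the constructed sample are assumptions.

```python
import re
import tempfile
from pathlib import Path

# Opening tag of a container hidden with inline CSS, e.g. <div style="display:none">
HIDDEN_OPEN = re.compile(
    r'<(div|span|p|section)\b[^>]*\bstyle\s*=\s*["\'][^"\']*display\s*:\s*none', re.I)
# Host part of an absolute or protocol-relative link target inside an <a> tag
HREF_HOST = re.compile(r'<a\b[^>]*\bhref\s*=\s*["\'](?:https?:)?//([^/"\'\s:?#]+)', re.I)
MAX_BLOCK = 20000  # assumed cap when the hidden container is never closed

def hidden_external_links(text, own_hosts):
    """Return hosts linked from inside display:none containers, own hosts excluded."""
    hosts = []
    for m in HIDDEN_OPEN.finditer(text):
        rest = text[m.end():]
        close = re.search(rf"</{m.group(1)}\s*>", rest, re.I)  # first close tag wins
        block = rest[:close.start() if close else MAX_BLOCK]
        for host in map(str.lower, HREF_HOST.findall(block)):
            if host not in own_hosts and host not in hosts:
                hosts.append(host)
    return hosts

def scan_tree(root, own_hosts):
    """Map each template file under root to the external hosts it links invisibly."""
    findings = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in {".php", ".html", ".htm"}:
            text = path.read_text(encoding="utf-8", errors="replace")
            hosts = hidden_external_links(text, own_hosts)
            if hosts:
                findings[path.relative_to(root).as_posix()] = hosts
    return findings

def demo():
    """Scan a constructed theme directory: one clean file, one with a hidden block."""
    clean = '<footer><a href="https://myblog.example/about">About</a></footer>\n'
    injected = clean + (
        '<div style="display:none">\n'  # constructed sample, no </div> as in the post
        '<p><a href="https://spam-one.example/x">one</a></p>\n'
        '<p><a href="https://myblog.example/">home</a></p>\n'
        '<p><a href="https://spam-two.example">two</a></p>\n')
    with tempfile.TemporaryDirectory() as root:
        theme = Path(root, "wp-content", "themes", "sample")
        theme.mkdir(parents=True)
        (theme / "header.php").write_text(clean)
        (theme / "footer.php").write_text(injected)
        return scan_tree(root, {"myblog.example"})

if __name__ == "__main__":
    print(demo())
```

Point `scan_tree` at the WordPress root with the site's own hostnames in `own_hosts`; legitimate hidden menus that link only to the site itself are not reported.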

Denny 05-01-2022 07:12 AM

https://www.malcare.com/blog/spam-li...ion-wordpress/

jscott 05-01-2022 10:29 AM

I've had that before, for me it was some old outdated plugins that were exploited.
Good luck fixing, it sure sucks these hacker/scammers stealing space on your sites.

hausarzt 05-01-2022 11:38 AM

Also make sure not to use any nulled themes and plugins. Only buy software from verified sources.

AmeliaG 05-01-2022 12:28 PM

It is likely malicious code in little bits of JavaScript. WordFence may be able to tell you the specific files, but, to keep them from coming back, you need to update everything, delete unused themes like old exploitable default themes, and upgrade to current PHP. And report whatever affiliate is doing this to any program where you see the affiliate ID.

Hope this helps. Good luck.

lock 05-02-2022 05:30 AM

WordPress is just non-stop problem after problem. I like it as easy but always trashed by hackers.

zijlstravideo 05-02-2022 10:09 AM

Quote:

Originally Posted by AmeliaG (Post 22997083)
report whatever affiliate is doing this to any program where you see the affiliate ID.

See Clickadu JavaScript embeds on those sites:
h*ttps://stagepopkek.com/lv/esnk/1836018/code.js
h*ttps://mafrarc3e9h.com/lv/esnk/1839026/code.js
etc etc

I think the number in the JavaScript URL is the affiliate's website/domain ID (1836018, 1839026 etc).

natkejs 05-02-2022 11:13 PM

Would be interesting to know what other plugins you are running. I've seen similar issues in the past with certain cache plugins.

Do make sure your plugins are updated and Google each one of them to see if you find people with similar issues.

lakerslive 05-03-2022 11:37 AM

It's XSS injection. I've had this happen ACROSS my network of adult porn blog sites.

I tried all the plugins, etc bs none will work

Solution: GTFO of wordpress!

I had a custom built script for myself. Fast, no updates required ever and open source. NO MORE worrying about XSS injections ever!

AmeliaG 05-03-2022 02:04 PM

Quote:

Originally Posted by natkejs (Post 22997568)
Would be interesting to know what other plugins you are running. I've seen similar issues in the past with certain cache plugins.

Do make sure your plugins are updated and Google each one of them to see if you find people with similar issues.

Do you recall which cache plugins allowed the exploit or were the exploit files just hiding in the cache?

brassmonkey 05-03-2022 02:43 PM

Secure your admin. There are files still that reveal info.

adultchatpay 05-03-2022 03:57 PM

Quote:

Originally Posted by hausarzt (Post 22997065)
Also make sure not to use any nulled themes and plugins. Only buy software from verified sources.

Agree, they usually inject a lot of shits.

RyuLion 05-03-2022 04:33 PM

Also make sure none of your files are set with 777 permissions.

natkejs 05-03-2022 07:14 PM

Quote:

Originally Posted by AmeliaG (Post 22997811)
Do you recall which cache plugins allowed the exploit or were the exploit files just hiding in the cache?

Can't remember, was either WP Super Cache or W3 Total Cache. It was years ago and the problem was fixed in the next update, think 2016 or something like this.

The code was injected into cached files so luckily it was quite easy to turn off caching and clean those directories.


All times are GMT -7.