Ack! I think I've been Adsense Hacked...help!

[vtotheyouknow]

I only have a few pages of content up on a brand new site and when I search my site:www.mysite.com in Google I get 40+ results with "/php?dskfjalkfa" after it.

When I click through, it takes me to my homepage with ads that are slightly different than what I had on my homepage and the URL displays a bunch of craziness.

Is this an Adsense hack or a WP hack or what?

[xylement]

more like a WP hack than Adsense to me. But still I don't know how to fix it =|

[JimmyR]

Wow that's weird. Haven't seen one like that before but here's what you can try to do to fix it (it will be easiest if you don't have modified theme files):

1. Change your FTP password
2. Re-Upload All Wordpress Files - (latest version - IMPORTANT!)
3. Re-Upload All Theme Files

If you are using a dodgy theme or plugin, that can open backdoors so check out their credibility. If you are using an automatic ads plugin that could be doing something funny, but not necessarily a hack, but I don't know much about these.

If you have custom themes, you'll have to download the theme folder with FTP and look through all the index.php files (most common) and other php's to try and find something that looks like: eval(base64_decode(LOTSOFRANDOMCRAZYLETTERSHERE)).

I had 2/3 of my sites hacked recently and I got lucky, in that there was only one eval base64 hack in my main index php.

[paulgl]

Do you have a folder called php? Do you have a page called
domain.com/php? Check them out and see if you can delete
them, or at least change the code on domain.com/php

Not knowing whether its a page or not, but you could do
a 301 redirect for /php to the homepage after destroying
the junk. Then contact your host about being hacked.

Checkout the publisher id, find more sites, and give it a good
spamming, clicking, etc.

Paul

[tonyalves]

Once you have things fixed, you might want to consider using CloudFlare.

It improves security, speed and provides a lot more benefits.

I use it on my blogs.

Tony Alves

[damoncloudflare]

Quote:

Originally Posted by vtotheyouknow

I only have a few pages of content up on a brand new site and when I search my site:www.mysite.com in Google I get 40+ results with "/php?dskfjalkfa" after it.

When I click through, it takes me to my homepage with ads that are slightly different than what I had on my homepage and the URL displays a bunch of craziness.

Is this an Adsense hack or a WP hack or what?

The first thing I would do is have your host check to see if you've been hacked & for them to clean any malicious files off of your server.

[OnlineMarketingSys]

Quote:

Originally Posted by vtotheyouknow

I only have a few pages of content up on a brand new site and when I search my site:www.mysite.com in Google I get 40+ results with "/php?dskfjalkfa" after it.

When I click through, it takes me to my homepage with ads that are slightly different than what I had on my homepage and the URL displays a bunch of craziness.

Is this an Adsense hack or a WP hack or what?

Sounds like one of the recent Wordpress Malware attacks. There are a couple wordpress vulnerabilities that are infecting peoples sites at the moment.