10 {{ upvoteCount | shortNum }}
10 {{ upvoteCount | shortNum }}

Need Knowledgable WordPress Help

by Charlie Houston
8 replies
Are there any WordPress Gurus that can help with a code problem? I think I need someone with extensive knowledge to be able to solve this one.:confused:
#knowledgable #wordpress
  • Profile picture of the author Mr. Enthusiastic
    Hi Charlie, from your other thread it looks like your site was hacked. I think if you post something like "My Wordpress site was hacked, please help me secure it" - both here and in the main discussion forum - you're more likely to get people who can walk you through a security audit & lockdown.

    Chris
    {{ DiscussionBoard.errors[1544854].message }}
  • Profile picture of the author VegasGreg
    Tell us your needs so we can try to help.
    Signature

    Greg Schueler - Wordpress Fanatic... Living The Offline Marketing Dream...

    {{ DiscussionBoard.errors[1544972].message }}
  • Profile picture of the author mywebwork
    Yes, please elaborate - there are a lot of WordPress experts here (including Greg, who has already replied to you) but we really need to know what the problem is before we can assist you.

    Also, by posting your actual problem this thread will be a more useful resource to everyone.

    Bill
    {{ DiscussionBoard.errors[1545052].message }}
  • Profile picture of the author pjCheviot
    Banned
    Charlie seems to have a few posts in various parts of the Forum - but maybe this is what he is trying to solve?

    http://www.warriorforum.com/programm...gWCx8s8F9lnStb
    {{ DiscussionBoard.errors[1545078].message }}
    • Profile picture of the author Charlie Houston
      Thanks to all who replied. Sorry I had to go out right after I posted. Here is the problem that I have.

      As I was reviewing my Google webmaster this morning, I noticed that one of my sites had 3000 + links. At first I was shocked and delighted???!!! Then as I started looking at the anchor text my delight turned to horror. I will never rank for my keywords with all of the totally irrelevant anchor text. After more research I have discovered that someone has buried hundreds of backlinks in my wordpress site. I do not know how they were able to do this but they have also done it to many, many other web sites. Is anyone willing to look at my source page and give me insight on how to get the unwanted backlinks off of the site and how to prevent further attacks.

      The website is http://hemroid-central.com. If you look at the very bottom of the source code you will see what I mean. There are several hundred links that I did not put there.

      It is the Atahualpa WordPress Theme.

      Thanks for taking the time.

      Charlie
      {{ DiscussionBoard.errors[1545858].message }}
      • Profile picture of the author Mr. Enthusiastic
        Originally Posted by Charlie Houston View Post

        After more research I have discovered that someone has buried hundreds of backlinks in my wordpress site. I do not know how they were able to do this but they have also done it to many, many other web sites. Is anyone willing to look at my source page and give me insight on how to get the unwanted backlinks off of the site and how to prevent further attacks.
        Charlie, I see the bogus links in the source code.
        I notice that on each page, the bogus links are after the closing html tag.
        This means one of two things.
        Either the database was hacked, adding all the bogus links to the bottom of each page. Or, more likely, the code was hacked so that after generating the page correctly, the bogus links are added as a kind of bizarre footer.

        I recommend that you ask your web host if they have an older backup of your site. Also, manually back up your database and all the files on your web site. Then switch from Atahualpa to a default theme, deactivate all plugins, and if you aren't using the most latest version of Wordpress, upgrade.

        If this makes the junk go away, that's great. Add one plugin at a time and see if the junk reappears. If all plugins are restored, switch back to Atahualpa and see if the problem is there. I use Atahualpa as well and it's very highly customizable. If there's a security hole on your site, it might let the attackers change the way Atahualpa generates footers.

        With all the web files downloaded to your local machine, use your operating system's search feature to search in those files for one of the unusual phrases in the bogus links, such as "pharoah." (I'm assuming you don't have any pages about hemorroids in ancient Egypt - if you do, pick another one of the bogus link terms.) This should reveal the one or more php script files that got hacked.

        After you've reinstalled, make sure that security permissions on your server are set to not allow anyone but you to edit the php script files.
        {{ DiscussionBoard.errors[1545916].message }}
        • Profile picture of the author Charlie Houston
          Originally Posted by Mr. Enthusiastic View Post

          Charlie, I see the bogus links in the source code.
          I notice that on each page, the bogus links are after the closing html tag.
          This means one of two things.
          Either the database was hacked, adding all the bogus links to the bottom of each page. Or, more likely, the code was hacked so that after generating the page correctly, the bogus links are added as a kind of bizarre footer.

          I recommend that you ask your web host if they have an older backup of your site. Also, manually back up your database and all the files on your web site. Then switch from Atahualpa to a default theme, deactivate all plugins, and if you aren't using the most latest version of Wordpress, upgrade.

          If this makes the junk go away, that's great. Add one plugin at a time and see if the junk reappears. If all plugins are restored, switch back to Atahualpa and see if the problem is there. I use Atahualpa as well and it's very highly customizable. If there's a security hole on your site, it might let the attackers change the way Atahualpa generates footers.

          With all the web files downloaded to your local machine, use your operating system's search feature to search in those files for one of the unusual phrases in the bogus links, such as "pharoah." (I'm assuming you don't have any pages about hemorroids in ancient Egypt - if you do, pick another one of the bogus link terms.) This should reveal the one or more php script files that got hacked.

          After you've reinstalled, make sure that security permissions on your server are set to not allow anyone but you to edit the php script files.
          Mr. Enthusiastic,
          Sorry so long to reply. Just after making that post I was called out of town for business so I have been out of the country until last night. I followed your advice and it seems to have solved the problem. Thanks to you and all who took the time to help. It is what makes this forum truly valuable. It is my hope that at some point I will be able to give back rather than leaning on you all so heavily. Thanks again!

          Charlie
          {{ DiscussionBoard.errors[1569695].message }}
          • Profile picture of the author Mr. Enthusiastic
            Originally Posted by Charlie Houston View Post

            I followed your advice and it seems to have solved the problem.
            That's what I love to hear.
            {{ DiscussionBoard.errors[1569997].message }}

Trending Topics