Results 1 to 13 of 13
  1. #1
    ABW Veteran Mr. Sal's Avatar
    Join Date
    January 18th, 2005
    Posts
    6,795
    Exclamation WordPress -->> Check Your Themes Code...
    While I was trying to read a blog today, I noticed that a few seconds after the site load, that it was redirected to another side...

    At first I thought it was my browser doing the redirect, but after a few checks and a fast View Source, I was able to see the javascript code, of the crook affiliate doing the hacking...

    I already notified the site owner of the problem on their blog...

    The hijacking of the original blog site start with something like this:
    http : // 6933.33544.identifyplaces.com/jump2/?affiliate=xxxx&subid=xxxx&terms=keyword etc...

    You can read more here: Website is being redirected

  2. #2
    ABW Ambassador writerguy's Avatar
    Join Date
    January 17th, 2005
    Location
    Springfield, Missouri, USA
    Posts
    3,248
    Thanks for that link, Sal. I went there, read through the forum thread, and felt others might be very interested in one of the blogs linked to from that discussion. It has an excellent step-by-step discussion of cleaning up a hacked WP site:

    http://smackdown.blogsblogsblogs.com...-installation/

    That blog post is a couple of years old, but I think it still has some dead-on useful information if you find your WP site hacked.
    Generate more fake news.

  3. #3
    SEO: A Specialty - Web Design: Slow or outsourced andbeyond's Avatar
    Join Date
    June 18th, 2006
    Location
    The Call is coming from Inside the House!
    Posts
    1,332
    Always update WP when you feel it is safe after a few weeks. Also dont run torrented plugins or plugins or themes you are not 100% sure of. Get them from WP site.

  4. #4
    ABW Ambassador CathyM's Avatar
    Join Date
    May 30th, 2006
    Location
    Torrance, CA
    Posts
    893
    I had 2 wordpress blogs hacked in January, both using the same theme. They added javascript to header.php and they added themselves as an admin user. I re-loaded the theme, deleted the admin account, changed all passwords, and upgraded wordpress.

  5. #5
    ABW Ambassador kaizen's Avatar
    Join Date
    January 18th, 2005
    Location
    Canada
    Posts
    666
    I normally use premium WP themes, but this may be of some use for those who use free themes.

  6. #6
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Nunya, Business
    Posts
    23,684
    Quote Originally Posted by kaizen
    I normally use premium WP themes, but this may be of some use for those who use free themes.
    I use that for one of my blogs. While there might be some perfectly fine reasons for encrypted code and such (not sure), I'm just not taking the chance.

  7. #7
    ABW Ambassador beachcom's Avatar
    Join Date
    May 11th, 2006
    Location
    Myrtle Beach SC
    Posts
    723
    Yep, got rid of all my free themes a while ago. I think paying a small fee for a premium theme is good for the peace of mind. Not that a premium theme can't get hacked if you don't keep your WP updated.

  8. #8
    Tax Paying Member
    Join Date
    November 14th, 2005
    Location
    Chapel Hill, NC
    Posts
    2,119
    Quote Originally Posted by kaizen
    I normally use premium WP themes, but this may be of some use for those who use free themes.
    I use all free themes but never use a theme until it is checked by "THIS".
    Also use the security scan and listen to what it tells you.
    You must climb this mountain. There is no elevator. ---- Don't stick your finger in the liquid nitrogen.
    Carolina China

  9. #9
    Member TVChatten's Avatar
    Join Date
    January 16th, 2010
    Location
    VA
    Posts
    76
    Glad I stumbled upon this thread. I seriously didn't know that WP Themes could even be a potential problem for hijacked blogs. Such a shame, but I'm definitely gonna download TAC and check my new theme when I get it uploaded to my site as I usually use free themes.

  10. #10
    Moderator
    Join Date
    April 6th, 2006
    Posts
    2,689
    Thought I would add my two cents worth...

    A couple of sites on different servers kept getting hacked - the same code being injected. Couldn't figure it out for the life of me.. and then.. it turned out to be a compromised ftp password!

    Hacker logged in, kicked off script, then logged off.

    Just a reminder to keep changing passwords! Wordpress and ftp...

  11. #11
    Comfortably Numb John Powell's Avatar
    Join Date
    October 17th, 2005
    Location
    Bayou Country, LA
    Posts
    3,432
    I just installed TAC on one of my blogs, but I can't see any way to make it scan manually. Does it just work in the background with no news unless bad news?

    Edit: Never mind I see it listed under Appearance.


  12. #12
    Tax Paying Member
    Join Date
    November 14th, 2005
    Location
    Chapel Hill, NC
    Posts
    2,119
    John,
    Dashboard
    Appearance
    Tac
    You must climb this mountain. There is no elevator. ---- Don't stick your finger in the liquid nitrogen.
    Carolina China

  13. #13
    Affiliate Manager ParadigmWilliam's Avatar
    Join Date
    September 23rd, 2007
    Posts
    364
    Funny, I just visited an old WP site of mine and it had the same hack. Cleaned it up and patched the security hole. Its a pain in the but.
    [URL="http://www.manageaffiliatelinks.com/"][COLOR="Red"][B]Manage Affiliate Links[/B][/COLOR][/URL] - Redirect Dead, Expired, or Broken Links

    [URL="http://www.wpcoupon.com/"][COLOR="Blue"][B]WP Coupon[/B][/COLOR][/URL] - Turn Wordpress into a Coupon Site!

  14. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. 30 Business WordPress Themes
    By Rhia7 in forum Blogging, Mobile and Social Media
    Replies: 4
    Last Post: September 8th, 2013, 06:49 AM
  2. Wordpress Themes
    By Trust in forum Blogging, Mobile and Social Media
    Replies: 20
    Last Post: June 3rd, 2010, 04:36 AM
  3. Wordpress Themes Thread
    By lpcentral-homes in forum Blogging, Mobile and Social Media
    Replies: 12
    Last Post: January 30th, 2009, 09:01 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •