Porn Ads suddenly showed up on site

W

wolf3000

Junior Member
Joined
Aug 8, 2019
Messages
135
Reaction score
49
Today, I visited one of my websites and I noticed that porn ads were popping up on my site along with someone other phishing links that said to click here for so and so.

I never installed anyone ads on the site before so I am guessing some SOB hacked into the site and injected code into the site.

I'm running wordfence right now which usually does a pretty good job so I'm a bit confused on how this person got into the site.

My question is how do I clean up this mess from this SOB? Would a simply restore of a Wordpress backup solve the issue, along with changing up all of my usernames and passwords?

Also would putting the site up on cloudflare offer an extra level of security?
 
Advertise on BHW
Have you recently installed a nulled plugin or theme? If so, it may be some malicious file that has been injected into the code. "There is no free lunch"
 
Kamus said:
Have you recently installed a nulled plugin or theme? If so, it may be some malicious file that has been injected into the code. "There is no free lunch"
Click to expand...

Nope, in fact, I haven't even touched the site in months all except to update themes and to block out hackers that attempt to hack into the site.

I am running an older version of Wordpress though because I found the newer versions were buggy and causing issues for my site. Could this be the reason why along with maybe some insecure plugin I have?
 
igotitfirst said:
Your site is compromised
Click to expand...

Solutions?

I just scanned with wordfence and deleted a whole bunch of files which has broke the site. I also just did an online scan with sucuri and the site is in the clear.
 
First make sure that the problem is in fact on the website, and not in your browser or on your pc, try to view the website on another device.

If it is the site, inspect a piece of malicious code through the chrome inspect, and scan your files.

If none of this works, you can try to see with your hosting the existence of some old backup.
 
Kamus said:
First make sure that the problem is in fact on the website, and not in your browser or on your pc, try to view the website on another device.

If it is the site, inspect a piece of malicious code through the chrome inspect, and scan your files.

If none of this works, you can try to see with your hosting the existence of some old backup.
Click to expand...

I just restored a backup of the site before seeing this comment but the ads seem to have disappeared, so I'm guessing it's on the website side and not my browser?

I had already deleted a bunch of files that wordfence had flagged which ended up breaking the site and so I had to do a restore of a backup. I'm going to update to the latest version of Wordpress as well and install cloudflare and changing all of my usernames and passwords. Hopefully this helps solve the issue. I was getting a lot of hack attempts on the site everyday for some reason. It isn't even a popular site, just some small site with about 2 dozen articles or so.
 
wolf3000 said:
Solutions?

I just scanned with wordfence and deleted a whole bunch of files which has broke the site. I also just did an online scan with sucuri and the site is in the clear.
Click to expand...
I'm no security experts but I faced similar situations. I hired a freelancer from fiverr who implanted the virus on my web host files.

In this case, if you are not tech savy (code), it will be very difficult to remove the virus code. In fact even if you remove it, it can regenerate itself again and again.

The best thing, would be to copy your pages/post texts and urls, images and other contents you feel valuable manually and store it offline . Then remove all the files from your hosting file manager and clean the recycle bin as well. After that, ask your hosting provider to wipe it clean and if possible ask them to move your site to another server.

Next, manually restore each and every pages to your new server. It's quite a tedious task but it works. Never use nulled themes/plugins and use strong admin login pass. Lastly, never trust with giving anybody your login credentials. I do not trust even freelancers.
Just my 2 cents
Good luck!
 
igotitfirst said:
I'm no security experts but I faced similar situations. I hired a freelancer from fiverr who implanted the virus on my web host files.

In this case, if you are not tech savy (code), it will be very difficult to remove the virus code. In fact even if you remove it, it can regenerate itself again and again.

The best thing, would be to copy your pages/post texts and urls, images and other contents you feel valuable manually and store it offline . Then remove all the files from your hosting file manager and clean the recycle bin as well. After that, ask your hosting provider to wipe it clean and if possible ask them to move your site to another server.

Next, manually restore each and every pages to your new server. It's quite a tedious task but it works. Never use nulled themes/plugins and use strong admin login pass. Lastly, never trust with giving anybody your login credentials. I do not trust even freelancers.
Just my 2 cents
Good luck!
Click to expand...

Wow, that's messed up. Thanks
 
The some theme/plugin is surely have bad code which is creating a bad ads.
 
Advertise on BHW
You must log in or register to reply here.
Sign up now!

Main Menu

Home Main Forum List Black Hat SEO White Hat SEO BHW Newbie Guide Blogging Black Hat Tools Social Networking Downloads

Marketplace

Content / Copywriting Hosting Images, Logos & Videos Proxies For Sale SEO - Link building SEO - Packages Social Media Social Media - Panels Web Design Misc

Making Money

Affiliate Programs Hire a Freelancer Making Money Pay Per Click Site Flipping

BlackHatWorld

BHW Merch Forum Suggestions & Feedback Introductions Lounge Dispute Resolution

Other

Domain Name Forum IM Journeys Web Hosting Newsletter
Back
Top