Porn Ads suddenly showed up on site

wolf3000

Junior Member
Joined
Aug 8, 2019
Messages
135
Reaction score
49
Today, I visited one of my websites and I noticed that porn ads were popping up on my site along with someone other phishing links that said to click here for so and so.

I never installed anyone ads on the site before so I am guessing some SOB hacked into the site and injected code into the site.

I'm running wordfence right now which usually does a pretty good job so I'm a bit confused on how this person got into the site.

My question is how do I clean up this mess from this SOB? Would a simply restore of a Wordpress backup solve the issue, along with changing up all of my usernames and passwords?

Also would putting the site up on cloudflare offer an extra level of security?
 

Kamus

Junior Member
Joined
Mar 12, 2020
Messages
111
Reaction score
79
Have you recently installed a nulled plugin or theme? If so, it may be some malicious file that has been injected into the code. "There is no free lunch"
 

wolf3000

Junior Member
Joined
Aug 8, 2019
Messages
135
Reaction score
49
Have you recently installed a nulled plugin or theme? If so, it may be some malicious file that has been injected into the code. "There is no free lunch"

Nope, in fact, I haven't even touched the site in months all except to update themes and to block out hackers that attempt to hack into the site.

I am running an older version of Wordpress though because I found the newer versions were buggy and causing issues for my site. Could this be the reason why along with maybe some insecure plugin I have?
 

wolf3000

Junior Member
Joined
Aug 8, 2019
Messages
135
Reaction score
49
Your site is compromised

Solutions?

I just scanned with wordfence and deleted a whole bunch of files which has broke the site. I also just did an online scan with sucuri and the site is in the clear.
 

Kamus

Junior Member
Joined
Mar 12, 2020
Messages
111
Reaction score
79
First make sure that the problem is in fact on the website, and not in your browser or on your pc, try to view the website on another device.

If it is the site, inspect a piece of malicious code through the chrome inspect, and scan your files.

If none of this works, you can try to see with your hosting the existence of some old backup.
 

wolf3000

Junior Member
Joined
Aug 8, 2019
Messages
135
Reaction score
49
First make sure that the problem is in fact on the website, and not in your browser or on your pc, try to view the website on another device.

If it is the site, inspect a piece of malicious code through the chrome inspect, and scan your files.

If none of this works, you can try to see with your hosting the existence of some old backup.

I just restored a backup of the site before seeing this comment but the ads seem to have disappeared, so I'm guessing it's on the website side and not my browser?

I had already deleted a bunch of files that wordfence had flagged which ended up breaking the site and so I had to do a restore of a backup. I'm going to update to the latest version of Wordpress as well and install cloudflare and changing all of my usernames and passwords. Hopefully this helps solve the issue. I was getting a lot of hack attempts on the site everyday for some reason. It isn't even a popular site, just some small site with about 2 dozen articles or so.
 

igotitfirst

Banned - Multiple Rules Violations
Joined
Jul 18, 2020
Messages
175
Reaction score
88
Solutions?

I just scanned with wordfence and deleted a whole bunch of files which has broke the site. I also just did an online scan with sucuri and the site is in the clear.
I'm no security experts but I faced similar situations. I hired a freelancer from fiverr who implanted the virus on my web host files.

In this case, if you are not tech savy (code), it will be very difficult to remove the virus code. In fact even if you remove it, it can regenerate itself again and again.

The best thing, would be to copy your pages/post texts and urls, images and other contents you feel valuable manually and store it offline . Then remove all the files from your hosting file manager and clean the recycle bin as well. After that, ask your hosting provider to wipe it clean and if possible ask them to move your site to another server.

Next, manually restore each and every pages to your new server. It's quite a tedious task but it works. Never use nulled themes/plugins and use strong admin login pass. Lastly, never trust with giving anybody your login credentials. I do not trust even freelancers.
Just my 2 cents
Good luck!
 

wolf3000

Junior Member
Joined
Aug 8, 2019
Messages
135
Reaction score
49
I'm no security experts but I faced similar situations. I hired a freelancer from fiverr who implanted the virus on my web host files.

In this case, if you are not tech savy (code), it will be very difficult to remove the virus code. In fact even if you remove it, it can regenerate itself again and again.

The best thing, would be to copy your pages/post texts and urls, images and other contents you feel valuable manually and store it offline . Then remove all the files from your hosting file manager and clean the recycle bin as well. After that, ask your hosting provider to wipe it clean and if possible ask them to move your site to another server.

Next, manually restore each and every pages to your new server. It's quite a tedious task but it works. Never use nulled themes/plugins and use strong admin login pass. Lastly, never trust with giving anybody your login credentials. I do not trust even freelancers.
Just my 2 cents
Good luck!

Wow, that's messed up. Thanks
 

BulltenWeb

Junior Member
Joined
Jan 15, 2020
Messages
186
Reaction score
64
The some theme/plugin is surely have bad code which is creating a bad ads.
 
Top