1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Spam links in Wordpress header

Discussion in 'Black Hat SEO' started by microdot, Nov 5, 2012.

  1. microdot

    microdot Newbie

    Joined:
    Apr 5, 2009
    Messages:
    6
    Likes Received:
    9
    Hey BHW,

    Spam links keep appearing on one of my sites.. in the header. I've changed the passwords to everything - ftp, wp, sql, and deleted the links but every day they keep reappearing.

    Any of you guys know what could be causing the problem and how to deal with it?

    Many thanks
     
  2. Berkeli

    Berkeli Regular Member

    Joined:
    Oct 16, 2012
    Messages:
    352
    Likes Received:
    216
    Occupation:
    SEO
    Location:
    Above & Beyond
    Home Page:
    maybe one of the plugins installed are causing such thing ? or the theme ? it's probably best to ask from wp community forum though
     
    • Thanks Thanks x 1
  3. 1+1=2

    1+1=2 Junior Member

    Joined:
    Jul 14, 2009
    Messages:
    198
    Likes Received:
    29
    i think your website was hacked. although you changed all password but the attacker leaved a backdoor/webshell in your scripts, so he is able to access your site without knowing the passwords.
     
    • Thanks Thanks x 1
  4. figgity

    figgity Junior Member

    Joined:
    Feb 11, 2009
    Messages:
    185
    Likes Received:
    41
    Occupation:
    Working
    Location:
    The states
    You probably need to get your host to clean up your site. It was probably exploited through a backdoor or vulnerability in a script (such as Timthumb). This happened to me a couple of times, but it has all been rectified. Good luck!
     
    • Thanks Thanks x 1
  5. Ranko Jones

    Ranko Jones BANNED BANNED

    Joined:
    Mar 3, 2011
    Messages:
    1,677
    Likes Received:
    146
    had this recently and doing virus scans of my backups i pinned it down to a free wordpress theme id downloaded.

    so reuploaded a backup.
     
    • Thanks Thanks x 1
  6. -ReX-

    -ReX- Power Member

    Joined:
    Apr 26, 2012
    Messages:
    707
    Likes Received:
    274
    Location:
    Manly, Australia
    Yea, its usually a free theme or plugin that has code in it to do nasty stuff like spam links and deleting files etc.
     
    • Thanks Thanks x 1
  7. BlueZero

    BlueZero Power Member

    Joined:
    Jul 6, 2011
    Messages:
    500
    Likes Received:
    257
    Occupation:
    Webdeveloper, Project Manager
    Location:
    Byte in the Net
    Home Page:
    I had this prob before. I tried some WP security plugins, but that did not help. The problem is the eval php function. It is not possible to disable the function in php. So the solution is setup your permissions to files, so your webserver (apache, nginx) cant write to disk. Then you need to find the backdoor and delete it. The final step is to install php_suhosin which enables you to disable eval function.
    Now you'll be safe, but cant use eval ;-).
     
    • Thanks Thanks x 1