Malware & Wordpress
-
Google has identified Malware on on eof our Wordpress sites. In webmaster tools it names the 10 pages where code has been injected.
I cant' find them easily via the WP dashboard and wondered if anyone had had any experience of this and what steps they took?
Plus are there any measure I can take to fight against this? The site is on the latest WP version.
Thanks,
Colin
-
Thanks Majid,
Sucuri Scanner looks good. I wonder if you had any experience of it?
If it can remove the malware as well as alerting me of any future hacks it would seem money well-spent.
Colin
-
Thanks Marie (and Dan and Majid),
I am going through the plugins and widgets now. I re-installed a clean version of the Theme too but not sure if I've done that too soon if the script is still there.
I can see the page titles in Webmaster Tools but cant' find the actual pages on the server to delete, in case that helps.
I will definitely look at the security suggestions and resources suggested. Thanks for the tips.
Marie I will PM you too if I may.
Thanks guys,
Colin
-
That would be ok if you use these plugin as well :
http://wordpress.org/extend/plugins/sucuri-scanner/
-
Colin
Any luck with this yet? I'd follow Marie's good advise and first be sure everything is updated. Then try these things to find it;
- Disable each plugin one by one and see if it goes away.
- Can you see the code when you view source or use a tools like browseo.net or shut off CSS? If you can see the location of the injected code you may be able to tell where it was inserted.
- If you can't see it viewing source or with browseo etc - try doing a Google cache: search and view in text only.
- Check your widgets.
- Check your .htaccess file
Once you find it definitely check out this document on securing wordpress.
Let us know how it goes.
-Dan
-
Definitely keep your plugins updated. Plus, if you use Timthumb on any of your sites, do some research on Timthumb vulnerabilities.
Make sure you change all of your wordpress passwords after cleaning up.
And, if you get hit again, despite your cleanup, hire a professional! I had a nasty job done on one of my sites. My host thought they'd fixed it and it came back. I hired sucuri.net to fix it and after 3 weeks they were no further ahead. I hired a professional guy (pm me for the name if you want to hire him) and it took him a while but he figured it out. Not all malware issues are that complicated though.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Problem with Wordpress RSS feed and Feedburner
Just discovered a problem with my company site's RSS feed. I'm a bit embarrassed to ask, but I thought someone in the community might have encountered this -- and I cannot figure it out for the life of me! We had redirected our Wordpress feed to Feedburner. We publish at least once per week, but no posts after March 18 are in the feed: http://feeds.feedburner.com/TheClineGroup The standard (Wordpress) RSS feed page does not load: http://theclinegroup.com/feed/ Of course, I deactivated all plug-ins to see if one of them was the issue, but the problem(s) still existed. Thanks so much for any assistance!
Technical SEO | | SamuelScott0 -
Want to move site to wordpress and keep links without using redicrects
I have an old cluny site that has been around for about 56 years. It is on the homestead platform. I want to move the site to a thesis theme 2.1 wordpress platform without losing my links. I would prefer not to do 301 redicrects. With thesis I can specify the URL for each page of the wordpress site, however the wordpress site is hosted on hostgator as a subdomain of another site and the other problem is that wordpress adds a back slash that is not present on the old site. I can, however add .html to the URL's for pages on the wordpress site to conform to the URL's on the old html site. Will this work? thx Paul p.s. the URL for my old site is www.affordable-uncontested-divorce.com
Technical SEO | | diogenes0 -
Error 404, Wordpress adds the domain automaticly to the end of the pages, WHY?
Hello guys, I'm using wordpress and the Yoast to help me improve my SEO. Everything went well except for today because "Moz" found 404 errors when scrolling the website saying showing the domain of my website at the end of 12 url. For example :
Technical SEO | | abonnisseau
www.domain.com/service-1/www.domain.com www.domain.com/contact-page/**www.domain.com ** Do you have any idea where does that come from ? Thanks Alex0 -
301 vs 302 & Link Juice
Has any one come across any recent cases of a 302 link passing more link juice than before?
Technical SEO | | CeeC-Blogger0 -
Canonical & rel=prev / next changes to website a good idea or not?
Hi all, I decided yesterday to make a load of changes to my website, and today i woke thinking, should i have done that! So below is an example of what i have done (i will try to explain clearly anyway), can you let me know if you think what i have done would harm or help my website in search results etc... ok, so lets take just one category - Cameras And it has the sub categories - box dome bullet it also has other sub categories (which are actually features, but the only way i can show them on my site is by having them as a sub-category with its own static page, and adding the products to these as secondary categories) vandal proof high resolution night vision previously i have it set up so that every single category / sub category / feature had its own static page, with a canonical tag to itself (i.e cameras.html canonical was to cameras.html, vandalproof.html canonical was to vandalproof.html). Any of the categories / sub cats / features that had more than one page were simply not in search results due to the canonical pointing to "Page 1"... What i have now done: Last night i decided to change all this, now for all categories / sub cats / features i have add rel=prev / next where applicable, and removed the canonical from second / third / fourth pages etc, but left the canonical on "page 1". I also removed any keywords from page 2,3,4 etc and changed descriptions to just page "X" + category name. So for example, page one looks like: and page two looks like: I also went a little further (maybe too far) and decided that the features pages would canonicalize back to cameras so for those i now have: Page 1: Page 2: Any advice is welcome on the above, in regards to which way may be better and why, and obviously if anything jumps out as a mistake... Please advise James
Technical SEO | | isntworkdull0 -
Turn multiple Wordpress posts in to a PDF?
Has anyone any experience with creating a PDF from a bunch of posts from a wordpress site? I want to send some people a PDF of the latest posts within one of my blog categories. There is around 20 I want to pull in to a PDF Any ideas how to do this?
Technical SEO | | JohnPeters0 -
Site migration from Drupal to WordPress - Question about Drupal Back end
This is really a developer/Webmaster issue. The closest category available to select was "Technical SEO" - but technically, this isn't a question about SEO, per se. I am doing free SEO work for a local arts organization as my way of giving them a charitable contribution. Despite my advice to stay on Drupal and improve the site on its current platform, they want something easier to manage for volunteers. This is perfectly understandable, although not my recommendation. Of course, not knowing anything about SEO, their first impulse was to simply shut down the old site, cancel all of their old pages, point the domain to their new WordPress site and completely start over. Thank goodness I yelled "Halt!" before they went this far 🙂 They really have no idea what they are doing and I want to help guide them through this process in a way that preserves as much as possible their inbound links (they have tons of .edu and .gov links because they are a local community arts organization). Of course they don't understand how valuable these are, so I have a lot of educating to do. I am trying to get them a quote from a professional developer to help migrate from Drupal to WordPress. The only login information anyone has been able to send me is login to their FTP. No one seems to have a login for the Drupal CMS back end, and when I asked for it they looked like deer caught in headlights Can someone tell me, or even send me a screenshot of what the admin login page looks like for a Drupal site, so I can explain better to this client what I am looking for? I have no experience with Drupal, but surely, there is a backend where the site pages and content can be updated.? There must also be a database of customers/registrants, etc. not to mention a place where all the meta tags, etc can be entered and stored? Last but not least, if no one is able to find their site's Drupal login info, is there any way under the sun for me to retrieve it for them? I have a Developer in mind whose got loads of experience migrating from Drupal to WP, but he needs a .sql export file with the contents of the curent databse in order to give us a quote. Does anyone have any advice? (Other than "This should teach you not to offer your services up to charity!" LOL)
Technical SEO | | danatanseo0 -
Syndicated posts extracts on wordpress and impact on SERPS
On our main site (http://www.deeperblue.com) we've been syndicating posts (not the full posts just link and short extract) from a trusted partner of ours. These posts are listed as Diverwire Staff and point directly back to the original website. What i'm concerned about is the impact on SERPS - we don't want to be penalised by any of the search engines.
Technical SEO | | StephanWhelan0