Malware & Wordpress
-
Google has identified Malware on on eof our Wordpress sites. In webmaster tools it names the 10 pages where code has been injected.
I cant' find them easily via the WP dashboard and wondered if anyone had had any experience of this and what steps they took?
Plus are there any measure I can take to fight against this? The site is on the latest WP version.
Thanks,
Colin
-
Thanks Majid,
Sucuri Scanner looks good. I wonder if you had any experience of it?
If it can remove the malware as well as alerting me of any future hacks it would seem money well-spent.
Colin
-
Thanks Marie (and Dan and Majid),
I am going through the plugins and widgets now. I re-installed a clean version of the Theme too but not sure if I've done that too soon if the script is still there.
I can see the page titles in Webmaster Tools but cant' find the actual pages on the server to delete, in case that helps.
I will definitely look at the security suggestions and resources suggested. Thanks for the tips.
Marie I will PM you too if I may.
Thanks guys,
Colin
-
That would be ok if you use these plugin as well :
http://wordpress.org/extend/plugins/sucuri-scanner/
-
Colin
Any luck with this yet? I'd follow Marie's good advise and first be sure everything is updated. Then try these things to find it;
- Disable each plugin one by one and see if it goes away.
- Can you see the code when you view source or use a tools like browseo.net or shut off CSS? If you can see the location of the injected code you may be able to tell where it was inserted.
- If you can't see it viewing source or with browseo etc - try doing a Google cache: search and view in text only.
- Check your widgets.
- Check your .htaccess file
Once you find it definitely check out this document on securing wordpress.
Let us know how it goes.
-Dan
-
Definitely keep your plugins updated. Plus, if you use Timthumb on any of your sites, do some research on Timthumb vulnerabilities.
Make sure you change all of your wordpress passwords after cleaning up.
And, if you get hit again, despite your cleanup, hire a professional! I had a nasty job done on one of my sites. My host thought they'd fixed it and it came back. I hired sucuri.net to fix it and after 3 weeks they were no further ahead. I hired a professional guy (pm me for the name if you want to hire him) and it took him a while but he figured it out. Not all malware issues are that complicated though.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Want to move site to wordpress and keep links without using redicrects
I have an old cluny site that has been around for about 56 years. It is on the homestead platform. I want to move the site to a thesis theme 2.1 wordpress platform without losing my links. I would prefer not to do 301 redicrects. With thesis I can specify the URL for each page of the wordpress site, however the wordpress site is hosted on hostgator as a subdomain of another site and the other problem is that wordpress adds a back slash that is not present on the old site. I can, however add .html to the URL's for pages on the wordpress site to conform to the URL's on the old html site. Will this work? thx Paul p.s. the URL for my old site is www.affordable-uncontested-divorce.com
Technical SEO | | diogenes0 -
Best & easiest way to 301 redirect on IIS
Hi all, What is the best and easiest way to 301 redirect URLs on IIS server? I got access to the FTP and WordPress back office, but no access to the server admin. Is there an easy way to create 301 redirect without having to always annoy the tech in charge of the server? Thanks!
Technical SEO | | 2MSens0 -
Moving an eCommerce Site to Wordpress
I'm evaluating moving an established eCommerce I own over to a WordPress based site with a woocommerce plugin. My question is, does the added /category/ slug hurt SEO rankings at all?
Technical SEO | | CobraJones950 -
How To Find and Delete Erroneous Pages From My Wordpress Site
I've downloaded the Seomoz csv file from the crawl data on my site and it found lots of 404 errors, duplicate content, etc. The problem is that when i go to my wp-admin and look for the pages to delete them, I dont see them. Can anyone point me in the right direction? I've checked with HostGator and they say it's a WP problem. I need help locating where they are so i can clean them up or delete them. Thanks Mike
Technical SEO | | mikemunter0 -
Press Releases & Duplicate Content
How do you do press releases without duplicating the content? I need to post it on my website along with having it on PR websites. But isn't that considered bad for SEO since it's duplicate content?
Technical SEO | | MercyCollege0 -
301 Redirect & re-use
I have an old site which is being moved to a new tld due to re-branding. I understand I would do a series of 301 redirects from the pages of the old site to capture the authority and move to the new site. However, at some point in the future (probably 1-2 years) we may want to re-use the old site again for a different brand (it has a good brand, just not for what we're going after). Question is - can a redirected site be re-used at some point in the future? And if so, which site would new authority (links, etc.) go to?
Technical SEO | | uwaim20120 -
.%E2%80%9d breaking the URL in wordpress
My wordpress URL is breaking and there are 5000 not found urls in webmaster due to some code being added %E2%80%9d. This code stands for double quotation marks - " Now the question is, where has my site gone wrong? I will tell you the changes which i have made Deleted a Vbulletin forum - Half of the errors are due to the forum being deleted directly Upgraded to Wordpress 3.3 (crawl errors did not show on the same day. Much later) Upgraded to Blue host pro (crawl errors did not show on the same day. Much later) These are some of the speculations. But nonetheless i have no idea why this is happening. To give further hints, the Home page URL is being added to the original URL. http://www.marketing91.com/article/http://www.marketing91.com http://www.marketing91.com/article/http://www.wrodpress.org So these are a list of problems i am facing in URL. Now i have no idea why this is happening. I can account for the deletion of a vbulletin forum. But that accounts only for half of the crawl errors. So any replies or answers??
Technical SEO | | hith2340 -
Seomoz is showing duplicate page content for my wordpress blog
Hi Everyone, My seomoz crawl diagnostics is indicating that I have duplicate content issues in the wordpress blog section of my site located at: http://www.cleversplash.com/blog/ What is the best strategy to deal with this? Is there a plugin that can resolve this? I really appreciate your help guys. Martin
Technical SEO | | RogersSEO0