homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / WordPress
Forum Library, Charter, Moderators: lorax & rogerd

WordPress Forum

Wordpress Exploit
Is this significant - if so, what do I do?

WebmasterWorld Senior Member 10+ Year Member

Msg#: 4565707 posted 6:02 pm on Apr 17, 2013 (gmt 0)

So I have a site - let's call it chewy.tld - hosted on Wordpress.

I discover Google's warning saying "This site may be compromised" when inadvertently looking at the serp using the site: command.

Sure enough, there's all this nasty levitra / cialis code only seeable in the Google cache.

We lock down all the passwords, add increased security, and move from host gotchadaddy to some other more secure host for WP.

We clean out all the bad content and all looks well and Google slowly starts to reindex the clean pages.

A week later, I happen to be looking at new backlinks via Google Webmaster Tools.

Wow - what all those new backlinks?

I look at a few. There are thousands (close to 7k), all clustered around the last few weeks of March, 2013.

Upon closer look, the few I spotcheck are all "this site may be compromised" type blogs, all with backlinks to our site along with backlinks to compromised sites all over the place.

Yes, they all have a nice fat backlink to chewy.tld

So the attack is more than just an injection of bad code.

Holy c**p! Is anyone else seeing this?

How does one determine if this is one of those reportable things, or just a little bubble in the daily life of WP?


Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / WordPress
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved