Trying to pinpoint code being added to wordpress site - php

I've just started doing some website work for a local business, and I noticed today that there's a very unwanted link at the bottom of their site, which is a wordpress site.
The site makes use of a woo theme called 'whiteLight', as well as woocommerce. I've tried disabling and reenabling all plugins that aren't well known and integral to the site's functioning, and I've sifted through a lot of the theme's files.
I can't find where this line is being added to the site. The line "<center>*bad link here*</center>" is being inserted right after the header and right before the closing body tag, on the home page only. The link in question is actually linking to naughty files inside a directory within the wordpress installation. It's not even taking users to an outside site as far as I can tell.
I don't have FTP access to the wordpress directory yet, but I've requested it. I have very little experience with wordpress hooks etc, and am hoping someone can help me find a starting point in weeding out this unwanted link.
Thanks in advance!

WordFence is the best security plugin for WordPress. I'd recommend you follow the instructions at https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/
Another good resource to read is https://codex.wordpress.org/FAQ_My_site_was_hacked
I recommend you search all the files as norlesh suggested. If this was my problem I'd use Jetbrains PHPStorm to search all the files. Another much cheaper solution would be to use Textpad - https://www.textpad.com/
It's also possible that the link has been inserted into your database. If so, you won't find it in your files. You'll have to search the database. Use a program like phpMyAdmin or MySQL Workbench to export the whole database to your machine. Then search the SQL file for the URL. Alternatively, use https://interconnectit.com/products/search-and-replace-for-wordpress-databases/ which is a handy tool you upload to the server. From there you enter db login details and search the database. Note: if you use this script, you should delete it off your server when you've finished using it; it's a huge security risk.

Related

Copy whole WordPress instance onto my own Server? (Plugins, Blog entries etc.)

I'm currently trying to duplicate the WordPress instance my customer is running to do some testing before changing something in the live version. Sadly, I can't figure out how to get all the data, including the WooCommerce web shop, onto my own test server. My test server is freshly installed and runs WordPress with MariaDB. All the data I got from the customer's server is located in a folder with the name "www.WEBSITEOFCUSTOMER.at"; I can't go higher in the folder hierarchy due to restrictions of his web space provider.
This is the Content of the "www.WEBSITEOFCUSTOMER.at" Folder
At some point it looked like I could just copy it over into my /var/www/html/wordpress/ but that destroyed my Test-Instance.
Assuming that you don't have deep knowledge of migrations/transfers, I suggest you use the Duplicator plugin to do the job without any issues. This plugin can package all your data in one file, which you then move to another server/folder etc. and extract with the new address. One note here: you have to read how Duplicator works and understand the process before you start the transfer. A good way to understand how the plugin works is to search YouTube, where there are many guides and examples. Once you have done it one time you will never forget it. Like riding a bike, for example ;)
Hope this helps, and if you run into any trouble during the process, do not hesitate to ask again for further information.

WordPress homepage changes not working

I have a WordPress website. I created a customized PHP template for the homepage and loaded it from the back end in the template page settings.
During the last months everything was working perfectly: when I changed anything in the template code, it affected the homepage without any problems.
Suddenly, yesterday, when I tried to upload an updated file, nothing changed on the homepage.
I cleared the browser cache and the WordPress cache, and used another device to check, without any luck.
The black WordPress admin toolbar appears on all of the site's pages so I can edit and control them, but it does not appear on the homepage.
Of course I checked the theme settings for the homepage and the page template settings again, and everything is correctly configured.
I tried activating another theme and, to my surprise, found the homepage still the same while all other pages changed to the new theme.
I am losing my mind over this, and I don't understand what may have happened.
Download your site on your computer and see whether it happens also on your own computer when simulating with XAMPP.
Are you sure that the newly added files are really being uploaded to the server? Did you check by downloading the files? Maybe the modified files could not be uploaded? Another possibility is that some newly installed plugins are causing these problems. Have you installed any new plugins, such as one that speeds up your WordPress site? There are some popular plugins which speed up your site by caching your whole site and working as a CDN.
Since I don't know which modifications you make on your website, it is difficult to find a solution. If those modifications are changes to articles, then look into the database.
You could look into the SQL database to see whether the new information is being saved. E.g. you try to post a new article: is this article being saved in the SQL database? Do you see any errors on the page? Does this affect each page/section of your website, or only a specific module, e.g. "image uploader"?
Did you try to replace a simple image on your site with another image? Can you see the difference on the website? I would start with small steps to be sure whether this is a server issue, a template issue or something to do with insufficient privileges. There were also new WordPress updates; maybe they affected your template? Another thing would be to restore your complete site from a backup and see whether it works like before, and make sure that your site has not been hacked.

How do I find my Wordpress spam URL injection?

Let me start by saying I am not a highly experienced PHP individual but I am not a novice either.
It has been brought to my attention that my website has had a URL injected on every page with a spam link to an adult site. It is invisible but if you press control+F on any page and search for it, it will show up. Also, if you check the page source you can see where it has been added.
I started by doing the logical things:
1 - I downloaded the entire site locally and using Notepad++ searched through all the files for the url syntax. It returned no hits.
2 - Then I downloaded the entire database (SQL format) and searched it for the syntax as well. However, it too returned no hits.
I would have thought that syntax would show up in one of those two areas but it does not. What do I do now? Where else could this url be hiding and injected from?
Any suggestions would be highly appreciated.
Thanks!
Please check footer.php, functions.php in your wp-content/themes folder, general-template.php in wp-includes folder.
Next time integrate git with Wordpress to check for file changes.
Recommended to install Wordfence, jetpack plugins for better security.
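An added example, not part of the original posts: a plain-text search of the downloaded files and the SQL export, as suggested here and in the first thread above, can return no hits when the link is stored encoded (for example as base64) and only decoded when the page is rendered. The sketch below searches for the link text in plain form and inside base64 string literals, and flags calls that are often used to hide injected markup. The function names and the `spam.example` domain are constructed for illustration.

```python
import base64
import os
import re
import tempfile

# Calls often used to hide injected markup in PHP (heuristic, not exhaustive).
SUSPICIOUS = re.compile(rb"\b(eval|base64_decode|gzinflate|str_rot13)\s*\(")
# Quoted runs of base64 characters long enough to hold a link.
B64_LITERAL = re.compile(rb"""["']([A-Za-z0-9+/]{24,}={0,2})["']""")


def scan_bytes(data, needle):
    """Return sorted reasons why this content deserves a manual look."""
    needle = needle.lower().encode()
    reasons = {"calls %s()" % m.group(1).decode() for m in SUSPICIOUS.finditer(data)}
    if needle in data.lower():
        reasons.add("needle in plain text")
    for match in B64_LITERAL.finditer(data):
        try:
            decoded = base64.b64decode(match.group(1), validate=True)
        except ValueError:  # binascii.Error is a ValueError: not valid base64
            continue
        if needle in decoded.lower():
            reasons.add("needle inside base64 literal")
    return sorted(reasons)


def scan_tree(root, needle, extensions=(".php", ".js", ".htaccess", ".sql")):
    """Walk a local copy of the site; map relative path -> reasons."""
    findings = {}
    for folder, _dirs, files in os.walk(root):
        for name in (f for f in files if f.lower().endswith(extensions)):
            path = os.path.join(folder, name)
            with open(path, "rb") as handle:
                reasons = scan_bytes(handle.read(), needle)
            if reasons:
                findings[os.path.relpath(path, root)] = reasons
    return findings


def demo():
    """Scan a constructed two-file theme; spam.example is a placeholder."""
    hidden = base64.b64encode(b'<a href="http://spam.example/x">x</a>').decode()
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "footer.php"), "w") as handle:
            handle.write("<?php echo base64_decode('%s'); ?>" % hidden)
        with open(os.path.join(root, "index.php"), "w") as handle:
            handle.write("<?php get_header(); get_footer(); ?>")
        return scan_tree(root, "spam.example")
```

Run `scan_tree` against the folder holding the downloaded site and the exported `.sql` file. The flagged functions also appear in legitimate code, so treat each hit as a lead to compare against a clean copy of the same theme, plugin or WordPress version.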

Problem: my WP site redirects to another website URL

I just uploaded a Wordpress theme onto my Website.
I get URL redirects to another website when I am browsing through my website.
The malicious site it links to is clickbank.com.
I have scanned all my files with TAC and exploit scanner, but it did not pick up anything.
This picture may help you to find the problem from Entries RSS.
Check function.php or search for windows.location code in the whole project repo.
You can search all the code with Notepad++.
This may not be a direct and final answer, because there are many possibilities.
You may also tell us what your theme and installed plugins are; if they are free to download, we may try them.
You seem to be testing on localhost. IMO you may try to eliminate all possible factors first.
Did you install any plugins? (If so) did you also test the plugins?
Did you scan your database for this link?
Sometimes this kind of problem also comes from the database side, since some problematic plugin may put those links in the DB. Apart from using Exploit Scanner, you might have to check manually once.
After all, did you also try a clean install to test the theme?
In addition, if it is a very WordPress-specific question, you may consider posting on WordPress Stack Exchange.

I want to duplicate my WordPress website, but how do i deal with the database?

I wish to duplicate my current website so I can play around and try new ideas, before putting them on my live site. The reason I want to duplicate is so I have all of the content etc, so I can see how it really looks. I understand I can just copy my entire WordPress install into another directory, but what do I do with my database?
Currently my WordPress is installed in the root directory. I will simply create a new directory called Dev, then simply add /Dev to my URL and voila, I can view my duplicated website.
But how do I deal with my database? I am using a MySQL database, hosted with GoDaddy.
(I want to change my hosting from GoDaddy to someone else once the renewal is up, mainly because of their support for SOPA. anyway that's for another time...)
If you have phpMyAdmin installed, you may export your wordpress database, then create a new database and import the .sql file you just exported. Next, configure the copied wordpress to use your new database. The configuration is in wp-config.php. Good luck :)
Like the other answers here, I suggest you export your DB via phpMyAdmin if you can. You will however notice that all image URLs point to the old domain. To fix this, run a find and replace script. I usually use this one: http://interconnectit.com/products/search-and-replace-for-wordpress-databases/
Good luck!
The simple way with GoDaddy is to log into your account, go to your hosting management and click the databases tab at the top and then look for phpMyAdmin.
Once in phpMyAdmin, go to the wordpress database and select the operations tab at the top and then use the "Copy database to:" feature.
If your version of phpMyAdmin doesn't show the copy database feature, you can export all tables of the database and import them into your duplicate database.
Hope this helps!
If you don't want to mess around with a new utility like phpmyadmin, you can install a wordpress plugin to back up your database. Then you can copy your files anywhere and use the same plugin to restore the database. I personally use UpdraftPlus - Backup/Restore.
It should be noted that moving your site to a new folder or domain will break a lot of the database data. A simple search and replace is not enough to fix it.
For more information, you can go here: Wordpress Codex
