I have a magento theme installed on a folder: http://mysite.com/mag/
On the main folder, mysite.com it's running a website on Zen Cart, so I created a folder called "mag" where I installed magento.
It worked until now..
Only the first page is loading when I access mysite.com/mag/, but when I click on a diffrent page I-m sent to the index page from: mysite.com (and the url showed is: http://mysite.com/mag/page-like-this.html)
So where is the problem?
It worked before, and right now it doesn't work any more..
So as was discovered trough our comments you have most probably been hacked in some way. There are a lot of steps to go trough to clean a website and its impossible for us to tell you what to look for without knowing what kind of attack you where a victim of.
But, you can safely delete all those .html files since they should not be part of magento/zend framework. Also look for weird javascript that would be encrypted. One very long string of minimized javascript somewhere at the end probably of all the html files and probably your main index.php file.
There is a lot of ressources online to help you I suggest googling "magento hacked" or some such thing.
Good luck!
Here's a stackoverflow question about some such hacks on magento.
Related
Let me start by saying I am not a highly experienced PHP individual but I am not a novice either.
It has been brought to my attention that my website has had a URL injected on every page with a spam link to an adult site. It is invisible but if you press control+F on any page and search for it, it will show up. Also, if you check the page source you can see where it has been added.
I started by doing the logical things:
1 - I downloaded the entire site locally and using Notepad++ searched through all the files for the url syntax. It returned no hits.
2 - Then I downloaded the entire database (SQL format) and searched it for the syntax as well. However, it too returned no hits.
I would have thought that syntax would show up in one of those two areas but it does not. What do I do now? Where else could this url be hiding and injected from?
Any suggestions would be highly appreciated.
Thanks!
Please check footer.php, functions.php in your wp-content/themes folder, general-template.php in wp-includes folder.
Next time integrate git with Wordpress to check for file changes.
Recommended to install Wordfence, jetpack plugins for better security.
I've just started doing some website work for a local business, and I noticed today that there's a very unwanted link at the bottom of their site, which is a wordpress site.
The site makes use of a woo theme called 'whiteLight', as well as woocommerce. I've tried disabling and reenabling all plugins that aren't well known and integral to the site's functioning, and I've sifted through a lot of the theme's files.
I can't find where this line is being added to the site. The line "<center>*bad link here*</center>" is being inserted right after the header and right before the closing body tag, on the home page only. The link in question is actually linking to naughty files inside a directory within the wordpress installation. It's not even taking users to an ouside site as far as I can tell.
I don't have FTP access to the wordpress directory yet, but I've requested it. I have very little experience with wordpress hooks etc, and am hoping someone can help me find a starting point in weeding out this unwanted link.
Thanks in advance!
WordFence is the best security plugin for WordPress. I'd recommend you follow the instructions at https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/
Another good resource to read is https://codex.wordpress.org/FAQ_My_site_was_hacked
I recommend you search all the files as norlesh suggested. If this was my problem I'd use Jetbrains PHPStorm to search all the files. Another much cheaper solution would be to use Textpad - https://www.textpad.com/
It's also possible that the link has been inserted into your database. If so you won't find it in your files. You'll have to search the database. Use a program like phpMyAdmin or MySQL Workbench to export the whole database to your machine. Then search the sql file for the URL. Alternatively use https://interconnectit.com/products/search-and-replace-for-wordpress-databases/ which is a handy tool you upload to the server. From there you enter db login details and search the database. Note if you use this script you should delete if off your server when you've finished using it, it's a huge security risk.
First off sorry for being a complete newb and if this is a something I shouldn't be bothering people with, but I am fairly new to PHP and I have been tasked by my employer to make a couple of changes to a website that seems to be written primarily in PHP.
The website is ems-uk.co.uk
I have been asked just to check the location on the maps that display on the pages but I can't for the life of me find the file to edit within the file manager. I can find exactly what I need to change when I "inspect element" in Chrome but cannot find anything even close in the index.php file and there appears to be no other files for separate pages.
Hope someone can direct me in the right area and sorry again if this is the wrong arena for a question like this.
A bit of inspection suggest this is an OpenCart powered CMS/ecom site with the Kuler Moment theme (skin 3). I'm not familiar with the OpenCart dashboard but you may be able to log in and configure the google maps module from there. Failing that I would look in the theme files for the location map section.
You're looking to it wrong. PHP is server sided, you're trying to edit things client side.
You will need access to the webserver and edit code there. If you're asking this I'm not sure if its good if you're editing pages on that website though.
I got a call from a customer who's Wordpress site is not working and I started taking a look at but I cannot understand what's going on there.
On the same server (only another directory) there are other wordpress setups running and they are working perfectly fine. So that's the first part that is kind of ... interesting.
When I logg in to the WP-Admin and access the page again it loads without any problems. Everything is displayed correctly. Same if I add a PHP GET-Parameter like ?anythinginteresting.
In the apache error logs I only find "PHP Notices" - nothing I would worry about.
Any hints? I'm going out of ideas right now...
Seems to be a caching issue as mentioned by #michealrmcneill it comes from the WP-Super-Cache Plugin. This plugin is not "knocked out" when disabled in WP-Admin it needs to be deleted in /wp-content/plugins/wp-super-cache/* to be removed. Addionally there are two files: wp-content/advanced-cache.php and /wp-content/plugins/wp-cache-config.php that are related to the plugin.
I just uploaded a Wordpress theme onto my Website.
I get url redirects to website when I am browsing though my website.
The malicious site it links to clickbank.com.
I have scanned all my files with TAC and exploit scanner, but it did not pick up anything.
this picture may help you to find the problem from Entries RSS.
check function.php or search for windows.location code in all project repo
you can search all code by notepad++
While this may not be a direct and final answer, because there are many possibilities.
You may also tell us what is your theme or installed plugins too if they are free for download, we may try.
You seems to be testing in localhost., IMO you may try to eliminate all possible factors first.
Did you install any plugins? (if so)Did you test also the plugins?
Did you scan your database for this link?
Sometimes this kind of problem also appear from Database side since some problematic plugin may put those link in DB, apart from using exploit scanner, you might have to manually check once.
After all, did you also try a clean install to test the theme?
In addition, if it is a very Wordpress specific questions, you may consider posting in Wordpress Stackexchange