Malware & Wordpress
-
Google has identified Malware on on eof our Wordpress sites. In webmaster tools it names the 10 pages where code has been injected.
I cant' find them easily via the WP dashboard and wondered if anyone had had any experience of this and what steps they took?
Plus are there any measure I can take to fight against this? The site is on the latest WP version.
Thanks,
Colin
-
Thanks Majid,
Sucuri Scanner looks good. I wonder if you had any experience of it?
If it can remove the malware as well as alerting me of any future hacks it would seem money well-spent.
Colin
-
Thanks Marie (and Dan and Majid),
I am going through the plugins and widgets now. I re-installed a clean version of the Theme too but not sure if I've done that too soon if the script is still there.
I can see the page titles in Webmaster Tools but cant' find the actual pages on the server to delete, in case that helps.
I will definitely look at the security suggestions and resources suggested. Thanks for the tips.
Marie I will PM you too if I may.
Thanks guys,
Colin
-
That would be ok if you use these plugin as well :
http://wordpress.org/extend/plugins/sucuri-scanner/
-
Colin
Any luck with this yet? I'd follow Marie's good advise and first be sure everything is updated. Then try these things to find it;
- Disable each plugin one by one and see if it goes away.
- Can you see the code when you view source or use a tools like browseo.net or shut off CSS? If you can see the location of the injected code you may be able to tell where it was inserted.
- If you can't see it viewing source or with browseo etc - try doing a Google cache: search and view in text only.
- Check your widgets.
- Check your .htaccess file
Once you find it definitely check out this document on securing wordpress.
Let us know how it goes.
-Dan
-
Definitely keep your plugins updated. Plus, if you use Timthumb on any of your sites, do some research on Timthumb vulnerabilities.
Make sure you change all of your wordpress passwords after cleaning up.
And, if you get hit again, despite your cleanup, hire a professional! I had a nasty job done on one of my sites. My host thought they'd fixed it and it came back. I hired sucuri.net to fix it and after 3 weeks they were no further ahead. I hired a professional guy (pm me for the name if you want to hire him) and it took him a while but he figured it out. Not all malware issues are that complicated though.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Faq problem in wordpress website
hi hi i add script faq in my site but doest show in serp and add moudle ithink may be problem in version wordpress or theme not stable ... my site url is https://giftmax.ir example when i search" خرید گیفت کارت" my competitor show faq script but my site doesnt show please help to resolve this problem thanks moz
Technical SEO | | ahmad21aga0 -
Please Help! Crawl & Site Errors - Will This Impact My SEO?
Hello Moz, I need urgent help. I remove a tonne of product pages and put everything into one product page to deal with duplicate content. I thought this was a good thing to do until I got an email from Google saying: "Googlebot identified a significant increase in the number of URLs on ****.com that return a 404 (not found) error. " I checked it out and found the problem: 4 Soft 404's
Technical SEO | | crocman
41 Not Found's What do I need to do to fix this? Is it a problem or should I just ignore? I removed all the pages on WordPress but I need to do it somehow manually through Google? I have worked so hard on my SERP's that this will destroy me if I'm penalised. Please can someone advise?0 -
How to optimize Wordpress.org hosted blogs
I've got a blog I'm working on that isn't self-hosted. I've attached a screenshot of the message I get if I try to install any plugins. I really want to block archive, author, tag, category, etc pages but I can't seem to find a way since there's no server for me to block via robots.txt or .htaccess and I can't actually install these plugins which would give me the ability to do it. Any suggestions? vQfnt
Technical SEO | | ShawnW0 -
Updating old blog posts in Wordpress to appear more recent?
I'm doing work for a law firm that has a lot of blog post content from 2010-2011 ranking for long-term keywords. These pages are displaying date snippets in SERPs, but because legal information can change year to year, I don't want the content to appear as though it's 2-3 years old. The date of the post is in the URL structure, so I can't change the publication date w/o changing the URL. So my question is twofold: is there a way to show an updated date snippet in search results, or block the date snippet from showing, even if the date is in the URL? Or are there other options - creating pages for each of these posts and 301ing them to the page that has a cleaner URL, etc.? Thanks in advance for your help!
Technical SEO | | dchristensen30 -
Proper way of handling wordpress urls and redirects?
I have recently changed some of my urls in wordpress + adding a sub category in the url structure. from
Technical SEO | | Livet
www.mydomain.se/category/subcategory to www.mydomain.se/category/subcategory/subcategory2/ My products are stil under www.mydomain.se/products/cool-product and are not affected. Should I 301 the old url (www.mydomain.se/category/subcategory) to the new (www.mydomain.se/category/subcategory/subcategory2/)? If that is so, can someone recommend a good 301 redirection plugin? Thanks!0 -
Moving an eCommerce Site to Wordpress
I'm evaluating moving an established eCommerce I own over to a WordPress based site with a woocommerce plugin. My question is, does the added /category/ slug hurt SEO rankings at all?
Technical SEO | | CobraJones950 -
Parked & primary domains
Aloha, I am completely new at this, so please forgive me if I am not describing my question very well, or if these questions has been asked many times before! My husband and I have an LLC and a DBA which sell the same products (although with different emphasis). For the LLC and DBA we have different domains, but we would like for both domains to lead to the website. To do this I have set one domain as primary (makanagardens.com) and the other as parked (bigislandcoffeeroasters.com). My questions are these: Since both domains have the same content, could I be "demoted" by google for duplicate content? I have submitted sitemaps for both domains to google and bing. Is that alright? Does it matter which domain name we link-build upon? So far I have been link-building upon whichever domain is applicable at the time. Thanks!
Technical SEO | | makanagardens0 -
Iframes & SEO
I've got a client that wants a site with all content in iFrames. They saw another site they liked & asked if we could do it. Of course we can technically. How big a negative hit would they take with SEO? Is there anything we can do to mitigate it, such as redirects, etc? Thanks for the help!
Technical SEO | | wcksmith0