Malware & Wordpress
-
Google has identified Malware on on eof our Wordpress sites. In webmaster tools it names the 10 pages where code has been injected.
I cant' find them easily via the WP dashboard and wondered if anyone had had any experience of this and what steps they took?
Plus are there any measure I can take to fight against this? The site is on the latest WP version.
Thanks,
Colin
-
Thanks Majid,
Sucuri Scanner looks good. I wonder if you had any experience of it?
If it can remove the malware as well as alerting me of any future hacks it would seem money well-spent.
Colin
-
Thanks Marie (and Dan and Majid),
I am going through the plugins and widgets now. I re-installed a clean version of the Theme too but not sure if I've done that too soon if the script is still there.
I can see the page titles in Webmaster Tools but cant' find the actual pages on the server to delete, in case that helps.
I will definitely look at the security suggestions and resources suggested. Thanks for the tips.
Marie I will PM you too if I may.
Thanks guys,
Colin
-
That would be ok if you use these plugin as well :
http://wordpress.org/extend/plugins/sucuri-scanner/
-
Colin
Any luck with this yet? I'd follow Marie's good advise and first be sure everything is updated. Then try these things to find it;
- Disable each plugin one by one and see if it goes away.
- Can you see the code when you view source or use a tools like browseo.net or shut off CSS? If you can see the location of the injected code you may be able to tell where it was inserted.
- If you can't see it viewing source or with browseo etc - try doing a Google cache: search and view in text only.
- Check your widgets.
- Check your .htaccess file
Once you find it definitely check out this document on securing wordpress.
Let us know how it goes.
-Dan
-
Definitely keep your plugins updated. Plus, if you use Timthumb on any of your sites, do some research on Timthumb vulnerabilities.
Make sure you change all of your wordpress passwords after cleaning up.
And, if you get hit again, despite your cleanup, hire a professional! I had a nasty job done on one of my sites. My host thought they'd fixed it and it came back. I hired sucuri.net to fix it and after 3 weeks they were no further ahead. I hired a professional guy (pm me for the name if you want to hire him) and it took him a while but he figured it out. Not all malware issues are that complicated though.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Changing URL structure of site, including AMP - redirect AMP too?
So, I'm changing all the URLs of a site, including all its AMP URLs, I'll be redirecting all the normal URLs, but do I need to also redirect all the AMP pages?
Technical SEO | | alksfjasldfu934341 -
Duplicate Content from Wordpress Template
Hi Wondering if anyone can help, my site has flagged up with duplicate content on almost every page, i think this is because the person who set up the site created a lot of template pages which are using the same code but have slightly different features on. How would I go about resolving this? Would I need to recode every template page they have created?
Technical SEO | | Alix_SEO0 -
Wordpress vs. home grown directory
I just moved my blog from a wordpress hosted solution to my owner server and am really hopeful that all the SEO ready wordpress pages plus I downloaded Yoast SEO will move my site. I started with 9000 pages being moz indexed with tons of errors eyerywhere, I have almost fixed everything getting ready to do a google index. One question. I have a directory of businesses and events for my local mountain community that is home grown with about 200 pages. see here: http://www.destinationbigbear.com/directory/bigbeardirectory.aspx which has a PA of 21 which is the same as my DA 21 (I know terrible)... Should I migrate these 200 pages with images to wordpress to take advantage of all the nice SEO possibilities? I have staff and it would probably take about $600 bucks to do it. I would only have to put about ten 301's such as http://www.destinationbigbear.com/directory/contentcat.aspx?ParentID=7 would be http://www.destinationbigbear.com/big-bear-restaurants/ Thank you again to all, I am hopeful I can answer some questions in the future for people... I am learning alot! Nick
Technical SEO | | nickcargill0 -
Implementation of rel="next" & rel="prev"
Hi All, I'm looking to implement rel="next" & rel="prev", so I've been looking for examples. I looked at the source code for the MOZ.com forum, if anyone one is going to do it properly MOZ are. I noticed that the rel="next" & rel="prev" tags have been implemented in the a href tags that link to the previous and next pages rather than in the head. I'm assuming this is fine with Google but in their documentation they state to put the tags in the . Does it matter? Neil.
Technical SEO | | NDAY0 -
Internal Wordpress blog ranked and not the main page
hello www.mysite.com/blog is ranked higher than www,mysite.com. i am trying to find the reason for the blog to rank higher which is not my goal. the blog reached the second page and the main domain is no where to be found. is there anything on Wordpress setup that may cause this? thanks
Technical SEO | | ciznerguy0 -
Different Domain Structure & hyperlinks pointing to them_Need Clarification
Hi, I have a question regarding the Domain Structure and hyperlinks should point to. I know that all of the below domain/URL structure are different. The first thing I have read is that we should do 301 redirect from non www domain.com domain.com/ to www domain/site URL. www.domain.com www.domain.com/ What about the trailing slash, does the Google considers the building links to www.domain.com/ is same as with out trailing slash, www.domain.com Or we have to any 301 redirect for these domain URL format as well. Please clarify my doubt. The same doubt is there for these two URL Structure as well. http://www.domain.com (Root domain with out trailing slash) http://www.domain.com/ (Domain with trailing slash) And if I am concentrating on my Homepage what is the best URL structure to follow whether the root domain or the domain with trailing slash. Can someone please clarify above doubts Thanks Vicky
Technical SEO | | vickygoal0 -
Duplicate Content via a product feed & data
We have uniquely created all of our product content on our website (Titles, product descriptions, images etc). However, we are also a manufacturer of these products and supply to a number of trade customers. These customers often wish to setup their own websites to re-sell these products. In the past we have quite happily given this content in order to assist our customers sell on their sites. Generally we give them a 'data dump' of our web data and images, but reading about duplicate content this will lead to the search engines seeing lots of identical content on these customer sites. Whilst we wish to support our customers we do not want to harm our (and their) site by issuing lots of duplicate content around the web. Is there a way we can help them with the data without penalizing ourselves? The other issue is that we also take this data feed and use it to sell on both Amazon & Googlebase. Will using this identical data also rank as duplicate content as a quick search does show both our website and amazon product page? When creating Amazon listing do these need to vary from the standard website descriptions? Thanks
Technical SEO | | bwfc770 -
Iframes & SEO
I've got a client that wants a site with all content in iFrames. They saw another site they liked & asked if we could do it. Of course we can technically. How big a negative hit would they take with SEO? Is there anything we can do to mitigate it, such as redirects, etc? Thanks for the help!
Technical SEO | | wcksmith0