Malware & Wordpress
-
Google has identified Malware on on eof our Wordpress sites. In webmaster tools it names the 10 pages where code has been injected.
I cant' find them easily via the WP dashboard and wondered if anyone had had any experience of this and what steps they took?
Plus are there any measure I can take to fight against this? The site is on the latest WP version.
Thanks,
Colin
-
Thanks Majid,
Sucuri Scanner looks good. I wonder if you had any experience of it?
If it can remove the malware as well as alerting me of any future hacks it would seem money well-spent.
Colin
-
Thanks Marie (and Dan and Majid),
I am going through the plugins and widgets now. I re-installed a clean version of the Theme too but not sure if I've done that too soon if the script is still there.
I can see the page titles in Webmaster Tools but cant' find the actual pages on the server to delete, in case that helps.
I will definitely look at the security suggestions and resources suggested. Thanks for the tips.
Marie I will PM you too if I may.
Thanks guys,
Colin
-
That would be ok if you use these plugin as well :
http://wordpress.org/extend/plugins/sucuri-scanner/
-
Colin
Any luck with this yet? I'd follow Marie's good advise and first be sure everything is updated. Then try these things to find it;
- Disable each plugin one by one and see if it goes away.
- Can you see the code when you view source or use a tools like browseo.net or shut off CSS? If you can see the location of the injected code you may be able to tell where it was inserted.
- If you can't see it viewing source or with browseo etc - try doing a Google cache: search and view in text only.
- Check your widgets.
- Check your .htaccess file
Once you find it definitely check out this document on securing wordpress.
Let us know how it goes.
-Dan
-
Definitely keep your plugins updated. Plus, if you use Timthumb on any of your sites, do some research on Timthumb vulnerabilities.
Make sure you change all of your wordpress passwords after cleaning up.
And, if you get hit again, despite your cleanup, hire a professional! I had a nasty job done on one of my sites. My host thought they'd fixed it and it came back. I hired sucuri.net to fix it and after 3 weeks they were no further ahead. I hired a professional guy (pm me for the name if you want to hire him) and it took him a while but he figured it out. Not all malware issues are that complicated though.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Online shop - Long Titles & URLs acceptable?
Hi guys, We have this new online shop with over 1000 products (very technical products), synchronised with the SAP system of the company. So basically the page URLs are generated based on the following structure: Domain Name / Language / Product Category / Subcategory-1 / Subcategory-2 / Subcategory-3 / Product Name and Model Sometimes the URLs are over 130 characters length. Would this harm the shop's ranking, so should we really fix this, or it's something that can be ignored, having in mind the technical products in the shop? I would really appreciate your advice! Thanks!
Technical SEO | | Andreea-M0 -
No Local & Global Search Volumes Next to Competition%
Hi everyone at Moz, I am quite happy with the Moz tool but am surprised that search volumes do not seem available... What is the current status of the situation described in the Q&A below? http://moz.com/community/q/why-does-the-keyword-difficulty-tool-shows-no-search-volume When handling avg. of 1000 keywords and paying for a tool to calculate volume, competition & KEI I find it weird and annoying to find this information is not available. Does this mean that for each keyword one would have to enter it in the Google adwords keyword tool Thanks for your much needed help on this matter as this is difficult to sell to my clients and I need to make final Keyword choices soon and have no data availble. Greetings, Fries
Technical SEO | | Fries0 -
Duplicate page content & titles on the same domain
Hey, My website: http://www.electromarket.co.uk is running Magento Enterprise. The issue I'm running into is that the URLs can be shortened and modified to display different things on the website itself. Here's a few examples. Product Page URL: http://www.electromarket.co.uk/speakers-audio-equipment/dj-pa-speakers/studio-bedroom-monitors/bba0051 OR I could remove everything in the URL and just have: http://www.electromarket.co.uk/bba0051 and the link will work just as well. Now my problem is, these two URL's load the same page title, same content, same everything, because essentially they are the very same web page. But how do I tell Google that? Do I need to tell Google that? And would I benefit by using a redirect for the shorter URLs? Thanks!
Technical SEO | | tomhall900 -
Duplicate content + wordpress tags
According to SEOMoz platform, one of my wordpress websites deals with duplicate content because of the tags I use. How should I fix it? Is it loyal to remove tag links from the post pages?
Technical SEO | | giankar0 -
Does having mulitste wordpress with same templaes hurt you?
Ok seo guys, don't get crazy here I am not trying to build a link wheel or anything black hat that's why I am asking. I want to create several sites that are within my niche but cannot be on the same site because it just wouldn't make sense. So for the purpose of branding a company can we have multi sites with similar templates or does google not want this. I am not trying to rank these for the sole purpose of back linking but I want them all on a mulit site so they can have the same buddy press network. Let me know what you guys think.
Technical SEO | | JasonRae1 -
Redirecting ?iframe=true&width=80%&height=80%
I have a extra page that google has indexed: www.jaaronwoodcountertops.com/?iframe=true&width=80%&height=80% Google has it listed as a page with duplicate content as my index page. I've tried to redirect it but the redirect isn't working on this one. Anyone have an idea of how to deal with this guy?
Technical SEO | | JAARON0 -
Removing duplicate &var=1 etc var name urls from google
Hi I had a huge drop in traffic around the 11th of july over 50% down with no recovery as yet... ~5000 organic visits per day down to barley over 2500. I fixed up a problem that one script was introducing that had caused high bounce rates. Now i have identified that google has indexed the entire news section 4 times, same content but with var=0 var=1 2 3 etc around 40,000 urls in total. Now this would have to be causing problems. I have fixed the problem and those url's 404 now, no need for 301's as they are not linked to from anywhere. How can I get them out of the index? I cant do it one by one with the url removal request.. I cant remove a directory from url removal tool as the reuglar content is still there.. If I ban it in robots.txt those urls, wont it never try to index them again and thus not ever discover they are 404ing? These urls are no longer linked to from anywhere, so how can google ever reach them by crawling to find them 404ing?
Technical SEO | | Adsau0
