RSS-Spider

Development, Ideas, Issues, problems, ßetas and what not…

wordpress hack <u style=’display:none’>

Filed under: Problems — Dave at 1:21 am on Saturday, April 26, 2008

Checking email for this site today I ran across this email from Google Search Quality. At first I thought it was a spam seeing as it was filled with crap about viagra & calliass but was shocked to find that this crap WAS on this blog. Well it seems an older version of Wordpress that I was running has a venerability allowing someone to update your theme files and post all sorts of CRAP into it with links leading back to thier spammy sites. Some one did this since I am a lazy sysadmin and didn’t update wordpress. Broke rule number 2 on the Google webmaster security check list…

Shame on me…

Dear site owner or webmaster of rss-spider.com/blog,

While we were indexing your webpages, we detected that some of your pages were using techniques that are outside our quality guidelines, which can be found here: http://www.google.com/webmasters/guidelines.html. This appears to be because your site has been modified by a third party. Typically, the offending party gains access to an insecure directory that has open permissions. Many times, they will upload files or modify existing ones, which then show up as spam in our index.

The following is some example hidden text we found at http://rss-spider.com/blog/:

How much weight will you lose on phentermine Drug screening phentermine Phentermine and pregnancy Pay pal phentermine 5 mg Appetite suppressants and phentermine Phentermine alternative Phentermine
[... snip ...]

In order to preserve the quality of our search engine, we have temporarily removed some of your webpages from our search results. Currently pages from rss-spider.com/blog are scheduled to be removed for at least 30 days.

We would prefer to have your pages in Google’s index. If you wish to be reconsidered, please correct or remove all pages (may not be limited to the examples provided) that are outside our quality guidelines. One potential remedy is to contact your web host technical support for assistance. For more information about security for webmasters, see http://googlewebmastercentral.blogspot.com/2007/09/quick-security-checklist-for-webmasters.html.

When you are ready, please visit https://www.google.com/webmasters/tools/reinclusion?hl=en to learn more and submit your site for reconsideration.

Sincerely,
Google Search Quality Team

8 Comments »

47947

Comment by chris

May 13, 2008 @ 6:46 am

This just happened to me too, and I found your site by trying to research the issue. Just wanted to let you know I was running Wordpress 2.5 and got hit with this, and the most current version is only 2.5.1, so it doesn’t even have to be an extremely old version of wordpress to be affected. :/

49563

Comment by Dave

May 23, 2008 @ 10:20 pm

Great… so it’s turn of XMLRPC for wordpress then.

79748

Comment by PISSED

February 16, 2009 @ 10:19 am

Damn it why don’t some of you assholes provide a solution instead of running your stupid mouths. And the Captcha on this site sucks.

79750

Comment by Dave

February 16, 2009 @ 11:26 am

@PISSED the solution is UPGRADE TO THE NEWEST VERSION OF WORDPRESS. Thats web admin 101. If you’re not going to take the time to keep up with the software on your system then you should expect hacks like this.

As for the reCaptcha sucking, then don’t post comments.

85394

Comment by NH

April 18, 2009 @ 7:35 pm

Guess what guys? It needs to be v2.7.1, all versions before that are vulnerable.!

90723

Comment by repli

July 25, 2009 @ 9:01 pm

I also find this happen to me!

90733

Comment by exchange lrvv

July 26, 2009 @ 6:45 am

great!all versions before that are vulnerable

91017

Comment by Cool Sunglasses

August 3, 2009 @ 5:40 pm

Well it was very nice of Google to let you know that it was happening. Did you recieve any penalties in PR for it?
-Candice

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>