- This topic has 5 replies, 3 voices, and was last updated 5 years, 10 months ago by
.
-
Posts
-
I am really confused and am grasping here. My website, https://CoachingForDivorcedWomen.com, someone entered links in the footer to "porn" websites. These links appear on every page of my website, as well as every page in my wordpress dashboard. YES, everything is up to date. I updated today, and before today I updated it on November 1st.
https://CoachingForDivorcedWomen.com
I am trying to figure out how to remove these links. My server (Bluehost) did a scan that came out squeaky clean.
Any ideas, suggestions, tips would be extremely grateful!You need to find out which file the links where injected into so you can remove them.
I would try a plugin like Wordfence
or one which scans your files like Exploit scanner.https://wordpress.org/plugins/exploit-scanner/
I might contact sucuri and have them scan the site. The first entry links to a file on your site in a blog subdirectory. The others are all pointing to files on other sites. The code is in the footer script area, suspiciously close to the leadpages iframe. It could be coming from a compromised plugin. Try disabling all plugins. If it is still there, you'll know for certain it's not a plugin.
Regards,
Victor
https://victorfont.com/
Call us toll free: 844-VIC-FONT (842-3668)
Have you requested your free website audit yet?Thank you Braddolt and Victor! I will check those out. What is crazy, is that it is alo inside of my dashboard.
Victor, interesting you said it is suspiciously close to leadpages. Simply because the way I discovered this issue is that when people were opting into CindyJHolbrook.com they were being redirected to the CoachingForDivorcedWomen page with these words on it. However, I think I fixed the leadpage issue.
I did deactivate all of my plugins, and it is still there.
I will try both of your suggestions and let you know what happens.
I don't mean to be redundant - but it's in my dashboard, regardless where I go. This confuses me more than anything (see attached pic) Does this matter at all?
https://www.coachingfordivorcedwomen.com/wp-content/uploads/2017/11/Capture.pngCindy
My source code from my dashboard page. At the bottom it says ..
<div class="clear"></div></div><!-- wpwrap -->
Does this mean anything?Brad and Victor - THANK YOU AGAIN!!!
I found another plugin, Anti-Malware from GOTMLS.NET that scanned my site. It has a HIGH rating, and is really cool. It did not find "Known Threats" but did find potential threats, which helped me identify the culprit.
I'm super-duper proud of myself for figuring this out - but could not have done it without your help.
Have a great week!
Cindy
- The topic ‘Seems my main .css code in genesis was hacked …’ is closed to new replies.