  1. #1
    Bronze Lounger
    Join Date
    Sep 2002
    Location
    Naples, Florida, USA
    Posts
    1,231
    Thanks
    40
    Thanked 3 Times in 3 Posts

    Question Just discovered spam pages tacked onto our site

    Finally got time to look into Google Webmaster Team email re. the mobile-friendliness of our WordPress site. Went through it to find out specifics of what was wrong on our pages. Stunned to find the attached list of "pages" tacked on to the end of our URL (mygoforthegreen.com).

    They are even less mobile friendly than our site ... and frightening as I had NO idea they were there until now and the subject matter is not exactly in tune with our site's!!

    How do I get rid of them?

    Is there a way to stop this?

    Happy to provide any further info and very hopeful a Lounger can tell me what's going on.

    Thanks,

    Linda
    Attached Images

  2. #2
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Were the pages actually there, on your site?
    Rui
    -------
    R4

  3. #3
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,486
    Thanks
    284
    Thanked 574 Times in 478 Posts
    Hmm, I think I've seen 2/3 warnings about WP vulnerabilities, maybe in plugins, over the last several months.

    The image suggests it's just spam, what/who is in charge of comments?

    The site appears to be clean (http://www.google.com/safebrowsing/d...rthegreen.com/) so it's not really a security problem for genuine end users, as far as I can tell.

    You might get marked down in Google results for it though.

    They show up with searches such as this. (hearing loss - is that a slur against Aboriginals away from 'civilisation and (re) education'?!)

  4. #4
    Silver Lounger lumpy95's Avatar
    Join Date
    Feb 2013
    Location
    Mojave Desert CA
    Posts
    1,842
    Thanks
    258
    Thanked 174 Times in 147 Posts
    As satrow suggested, those are usually links inserted in someone's email account when a spammer gains access by figuring out your account password and sending them out via your address book. In an email account you would just change your password.
    You may have to reset your account with the correct url and a new password.

  5. #5
    Bronze Lounger
    Join Date
    Sep 2002
    Location
    Naples, Florida, USA
    Posts
    1,231
    Thanks
    40
    Thanked 3 Times in 3 Posts
    Just found all your replies. Sorry. Had been checking email but for some reason, my request to have replies emailed didn't "take". Regardless, my responses...

    ruirib: no, the pages aren't there as far as I can tell. I tried to access one spam URL by copying it from Google Webmaster findings and pasting it in address block ... got a Page not found error. Is there somewhere else I can look?

    satrow: relieved that issue is not a security one for end users and thanks very much for checking our

    Re. comments: I'm in charge of them, but have seen nothing here. Akismet plugin blocks most of our comment spam.

    You're right re. ranking: it was Google who notified me as part of their "now you are unimportant to us if you aren't mobile-friendly" proclamation (oops, sounds a bit cynical, but Google has far too much power methinks). Given we aren't ranked well currently, should I just forget about these pages or...?

    lumpy95: hmm. Will consider switching password after hearing back from ruirib and satrow. Just recently changed username from the default "admin".

    Many thanks for all your thoughtful input. This is a whole new issue I've never seen before.

    Linda

  6. #6
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,486
    Thanks
    284
    Thanked 574 Times in 478 Posts
    Linda, this could be an ongoing issue with WordPress, it seems that there are still vulnerabilities in their system that they've yet to figure out a patch to fix: http://www.theregister.co.uk/2015/04..._zero_day_xss/

    EDIT: There's a link to a WP Update in the last paragraph there.
    Last edited by satrow; 2015-04-30 at 11:03.

  7. #7
    Bronze Lounger
    Join Date
    Sep 2002
    Location
    Naples, Florida, USA
    Posts
    1,231
    Thanks
    40
    Thanked 3 Times in 3 Posts
    Thanks for the suggestion and link, satrow. I upgraded to 4.2.1 from 4.2 as you suggested so will see if that helps.

    One thing puzzles me: would this same WP error create unsee-able URLs/pages on a site as well as spam comments?

    Your linked article talked about hijacking JavaScript so comments aren't visible to be removed. Would that be the same for pages?

    Also, would you advise me to change my WP access password as well? I haven't done so recently so as not to create issues with my 2 outsourced admins (who work on site only occasionally).

    Appreciate your help and your super responsiveness!

    Linda

  8. #8
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,486
    Thanks
    284
    Thanked 574 Times in 478 Posts
    No problem, Linda. Security updates are always good.

    It's the spammers that are creating the hidden [IMG] links, I'd guess, we have similar problems in fora, the images remain hidden until you do a Left click +drag across the 'blank' area or from within the forum editor. From the outside world, they can show up in search result previews as well, esp. if they're in the upper part of the search result <- something like "[IMG]" site:yourWPsite.com might give some hits if you study the results page.

    Not sure on the 3rd Q, I don't 'do' any CMS.

    Yes, it's advisable to change your password after anything suspicious, also change any related/similar passwords for other sites.

  9. #9
    Bronze Lounger
    Join Date
    Sep 2002
    Location
    Naples, Florida, USA
    Posts
    1,231
    Thanks
    40
    Thanked 3 Times in 3 Posts
    Wow, satrow, you were right. I tried ("*" site.mygoforthegreen.com) and got pages of spam results, mixed in with valid pages. Yikes!

    I will change my site password right away.

    Realise you aren't a CMS guru, but would you suggest I go to WordPress or to our server host re. the issue? Or is this just life in the 21st technological century and I just have to endure it? After all, hard as it is to believe, even the fora gets this junk!

    Thanks again for all your wisdom and help!!

    Linda

  10. #10
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,486
    Thanks
    284
    Thanked 574 Times in 478 Posts
    I would get in contact with WordPress, try their forum/support topics first, if you don't find anything relevant, create your own topic/query or fire off an email or two.

    Similar for your hosting company, ensure that they are keeping the server and software updated - but I don't know anything about what's needed to host WP either.

  11. #11
    Bronze Lounger
    Join Date
    Sep 2002
    Location
    Naples, Florida, USA
    Posts
    1,231
    Thanks
    40
    Thanked 3 Times in 3 Posts
    Thanks, I'll contact both. Changed password, but - as you suggested - it's not likely how the scammers gained access.

    Will post results of support requests in case responses can help other Loungers.

    Thanks again,

    Linda

  12. #12
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,486
    Thanks
    284
    Thanked 574 Times in 478 Posts
    You might want to consider an anti-spam filter/plugin for your site, Linda.

    I've been working recently with data from https://cleantalk.org/ and their anti-spam system, I see an awful lot of reports submitted via their WP plugins, suggesting that it's pretty efficient for some spam types. Not sure whether it would have much of an impact, if any, on what you've recently experienced though, esp. if they gained entry via a WP vulnerability.

  13. #13
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    For WordPress, Akismet is a good anti-spam choice that works. Depending on the number of submissions, it may even be installed without the need for a payment.
    Rui
    -------
    R4

  14. #14
    Bronze Lounger
    Join Date
    Sep 2002
    Location
    Naples, Florida, USA
    Posts
    1,231
    Thanks
    40
    Thanked 3 Times in 3 Posts
    Thanks for suggestions re. anti spam filters. I do have Akismet installed and it catches a LOT of comment spam. Not sure what one gets for a whole WP site, however.

    Have been reading through posts on WP forum re. similar issues to get some ideas for how to correct it and have heard back from our ISP with suggestions for deleting existing spam linked content. Will post details once I figure out exactly what to do.

    Sure appreciate all the help...not a surprise, however, coming from this Lounge!

    Linda

  15. #15
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,746
    Thanks
    171
    Thanked 649 Times in 572 Posts
    This article at ZDNet today may be of interest: WordPress: is it safe to use for my websites?

    Bruce

  16. The Following User Says Thank You to BruceR For This Useful Post:

    satrow (2015-05-08)
