No sooner is my website fully functional that it gets hacked. If you do a Google search with the link below, the results show spam keywords in the pages throughout such as "casino", "blackjack", "slot", "deposit", etc. But if I look through the pages, I don't see any of the spam.
Here is the Google search result: https://www.google.ca/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=site%3Arichardrosenman.com%20richard%20rosenman
I am not very advanced with Wordpress or PHP and I have tried searching. Can anyone help me figure out where it was hacked and how I can clean and protect it?
答案 0 :(得分:1)
Same happend with one of my client, he has only 15 posts in backend but google shows some wierd keywords and post which is crawed. To check this kind of posts/pages you have to look in the database. wp_posts table holds all the custom post types, pages etc, and display only the post that has publish status in post_status section.
To retrive all the published pages or post use the following query.
// will display all posts/pages etc.
SELECT * FROM `wp_posts` WHERE `post_status` = "publish"
// Display only Pages
SELECT * FROM `wp_posts` WHERE `post_status` = "publish" and `post_type` = "page"
// Display only posts
SELECT * FROM `wp_posts` WHERE `post_status` = "publish" and `post_type` = "post"
Now you know how to filter data, every record from this filtered data has a column post_author that holds the ID of the user that published that post/page.
Go to the wp_users table and check your user_login name and get the ID of your administrator account. And again filter the run a query in wp_posts table to filter the anonymous users data.
// Make sure you have only one administrator, replace 1 with your user id
SELECT * FROM `wp_posts` WHERE `post_author` not in (1)
// If you have multiple administrator then use the following, replace 1,5,6 with admin ID's
SELECT * FROM `wp_posts` WHERE `post_author` not in (1,5,6)
And final step is to delete that.
Important: Before Apply this action make sure to take backup first, so just in case you can retrive that data later.
Hope this help you.
答案 1 :(得分:1)
由于包含'social.png'并且存在垃圾邮件关键字,因此您可能遇到了CryptoPHP黑客攻击。有很多可以找到它(与Wordpress结合使用),幸运的是,如何清除它。