Spam – Removal from Google’s Index

  • My blog first got penalized by stopbadware.org because it had hidden spam which was injected into it. I updated WP to 2.3, removed the injection, updated passwords and submitted a re-consideration. My site came out of penalty.

    On 4th April, I got an email from Google saying that your site is being removed because it has hidden spam in it. I checked and the same WP blog had the spam. I again updated wp, changed passwords, remove the spam manually but it keeps coming back. I have no idea how to get rid of this

    Please help.

Viewing 8 replies - 1 through 8 (of 8 total)

  • You have to check which files are injected. You can upgrade WP, but if files from your theme are corrupt, upgrading doesn’t help if you use the old theme! There are people on this forum who can talk you through this much better than myself, since (fortunately) I have no experience with this, but my suggestion is that you start with looking through the files to find out where the spam is put into.

    [btw.] I don’t know what kind of spam we’re talking about, but are you running anti spam (comments, pingback, trackback) plugins?

    Thread Starter hsaleem

    (@hsaleem)

    It’s hidden text and links that show up when I check the HTML code.

    payday loan in georgiaadvance fax loan no paydayloan till paydayloan oneclickcash paydayace cash advanceadvance cash fast loan paydayadvance cash overnightsame day cash advance,same day cash advance loanfirs

    I think Gangleri must be right and that it’s the theme that’s the problem. Have you tired switching to a new theme (and deleting the old one on the server)?

    I have just discovered this problem on my site, where I was downloading wp-contents before upgrading from 2.3.3 to 2.5.1.

    I can see the HTML files in wp-contents, but I do not know how to check the theme for the injections. I will look at the theme files to see if any have changed recently.

    Can anyone offer any other advice? One thing I do not seem to be able to find is the correct permissions that should be set for each folder. Is there a list somewhere? I cannot find it.

    This happened to me too a few months back. The spammer had injected some base 64 code into my database that caused spam in the header. Found an article that has more information about how to fix this:
    https://www.mydigitallife.info/2008/06/10/wordpress-hack-recover-and-fix-google-and-search-engine-or-no-cookie-traffic-redirected-to-your-needsinfo-anyresultsnet-golden-infonet-and-other-illegal-sites/

    Hope that helps–
    Trisha

    Save yourself a LOT OF TROUBLE and make your WP files and directories READONLY (except for the upload directories if you need them) for any one except yourself and the webserver. That server should never be running in a privileged account. If that is a requirement, think of changing eitehr you r access scheme or your server.
    Secure your access data from access by a browser. Jutst the PHP module/engine needs to know. Not the server.

    Willem – any chance you can post a how to on doing that?

    Even the Codex page on Hardening WordPress uses the same generic terms you use and some of us need a little more hand holding – like being told the permission numbers to use

    e.g. should the wp-admin directory be 644 or stronger? If so, what?

    Hope you can help on this

    Gaz

    permissions:

    directories: 755
    files: 644

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Spam – Removal from Google’s Index’ is closed to new replies.