_oembed_ good or bad ?

  • Hi,

    I tried posting about this issue to bbpress.org and it has been suggested I should post this here

    Looking at my meta post table and I have found some records with _oembed_2e8711f888cd3c30d8e…… {{unknown}}in it.

    I have found some information that if I embed videos into a post I would expect this, but I don’t, I don’t put links into my site at all. So does anyone know why I might have them ?, should I worry about them ?

    I have been deleting these, in the past 3 weeks over 900 records have been created in my metapost table. anyone know why ?

    Looking at the “odd” records with _oembed in the postmeta table, I am concerned that some of these are left over records from spam here is the contents of one.
    <a href="https://www.reddit.com/r/FortniteBattleRoyale/comments/ah71o5/how_to_get_fortnite_skin_free_free_fortnite/?ref_source=embed&ref=share">How To Get Fortnite Skin FREE - FREE Fortnite Berserker Skin</a> from <a href="https://www.reddit.com/r/FortniteBattleRoyale/">FortniteBattleRoyale</a> </blockquote> <script async src="https://embed.redditmedia.com/widgets/platform.js" charset="UTF-8"></script>

    why is this being left behind when I delete the spam reply ?

    I am not convinced that much cleanup happens, I have also notices that if I just go into Appearance / menus it creates draft posts with a post_type nav_menu_item and the following in postmeta

        _menu_item_type post_type
    _menu_item_menu_item_parent O
    _menu_item_object_id S
    _menu_item_object page
    _menu_item_target
    _menu_item_classes a:1:{i:O;s:O:’”’;}
    menu item xfn
    menu item un
    _menu_item_orphaned 1559640252

    when should these get deleted ?

    Hope this makes sense to someone out there

Viewing 14 replies - 1 through 14 (of 14 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Menus are post types, so it makes sense that here’s a post_meta entry for each item.

    If you open the POSTS that have the embeds in the postmeta, what do you see?

    Thread Starter Clivesmith

    (@clivesmith)

    Hi,
    I understand that menus are post type but if I just look at the menus it creates a “draft” which it keeps.

    The topics relating to the replies show nothing but text as they should but most of the replies are spam that have been deleted and leave behind the records in the postmeta table.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Try a plugin like “wp optimize” or “wp sweep” to see if they can safely clean out the drafts and deleted cruft.

    Thread Starter Clivesmith

    (@clivesmith)

    I have tried both plugins and optimized the db and after doing both the “_oembed_” records are still there.

    Thread Starter Clivesmith

    (@clivesmith)

    I just re-read my last reply above, there should have been a comma after the word both, as it looks like I only have 2 of the “_oembed_” records in the table, there are over 400 ! I manually deleted 600 a couple of weeks ago.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Have you scanned your site using a plugin like WordFence? This might be the result of a hack (or hacking attempt).

    Thread Starter Clivesmith

    (@clivesmith)

    I have had wordfence installed since day 1, I find it really good.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Run a “high intensity” scan of your site.

    Thread Starter Clivesmith

    (@clivesmith)

    It did not find any problems that I did not know about, just some changes I made to files.

    I lied it was not wordfence I had installed on that site but ithemes security, wordfence is on another one of mine. I installed it to run the test.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Are the new records still being created?

    Thread Starter Clivesmith

    (@clivesmith)

    Yes, there were some new ones overnight.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    I think you need to assume you’ve been hacked.

    Get a fresh cup of coffee, take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

    Thread Starter Clivesmith

    (@clivesmith)

    I don’t believe I have been hacked, I have looked closer at the topic id most of them are attached to, and it had a link to twitter in the post, I had dismissed it as being just text, but it was a link, I have now fixed that (and made a note to use text and not visual when creating / accepting posts.)

    I have just found an article (https://polevaultweb.com/2019/05/clearing-the-wordpress-oembed-cache/) that suggests that the cache is not being cleared properly and it is a broken cache entry, so changing that post may have removed them automatically if I had not deleted them manually.

    Thanks for you help, I will see what happens now.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Interesting. Thanks for letting us know!

Viewing 14 replies - 1 through 14 (of 14 total)
  • The topic ‘_oembed_ good or bad ?’ is closed to new replies.