Someone places spam links in my header.php

  • Hi,
    A few weeks ago I noticed I was getting a lot of traffic through the search term “casino”. I checked my header.php and found a bunch of hidden links. Nest time it was the footer.php. So I upgraded to 2.1.5 but The same links keep showing up in either the header or footer.

    Any suggestion to what is attacking my site? (https://filipstad.ifolkmun.se)

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="https://www.w3.org/1999/xhtml">

<head profile="https://gmpg.org/xfn/11">

<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php bloginfo('charset'); ?>" />

<title><?php wp_title(' '); ?> <?php if(wp_title(' ', false)) { echo ' : '; } ?><?php bloginfo('name'); ?></title>

<meta name="generator" content="WordPress <?php bloginfo('version'); ?>" />

<link rel="stylesheet" href="<?php bloginfo('stylesheet_url'); ?>" type="text/css" media="screen" />

<link rel="alternate" type="application/rss+xml" title="<?php bloginfo('name'); ?> RSS Feed" href="<?php bloginfo('rss2_url'); ?>" />

<link rel="shortcut icon" href="/favicon.ico" />

<link rel="pingback" href="<?php bloginfo('pingback_url'); ?>" />

<?php wp_head(); ?>
<u style=display:none>
<a href="https://www.bsu.edu/blogcaster2/aaron/wp-content/uploads/casino/free-money-casino-8-24_6.html">free  and so on...............
Viewing 8 replies - 1 through 8 (of 8 total)

  • It’s possible they are part of your theme – the author put them in.
    Where did you get it?

    Thread Starter trig338

    (@trig338)

    It’s a respectable theme (i hope) – simplicity by Solostream (recently turned in to a premium theme)

    Yea – that’s not a scab theme.
    I suppose you’ve already tried uploading fresh header.php and footer.php.
    It sounds like an injection/exploit of some kind. May be time to contact your host and advise them of what is happening.

    Beware: Spammers have been known to steal legitimate themes, remove the original designers’ credits, add spam links, and then offer them for download as their own “free” themes. Make sure that you download themes from a reputable, original source.

    Redownload the theme and check for the spam code in the freshly downloaded copy. If it’s not there, then you have been hacked.

    https://www.bsu.edu – looks like a student at some uni, report the sucker ??

    Moderator Samuel Wood (Otto)

    (@otto42)

    www.ads-software.com Admin

    hotkee: Nah, his site might have been hacked as well.

    Otto42 – oops, good point

    Thread Starter trig338

    (@trig338)

    Thanks for all advise – I suspect that someone registered a phony user. I’ve deleted all unknown users and changed all passwords. If I get another attack I’ll contact the hosting company.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Someone places spam links in my header.php’ is closed to new replies.