David Cameron Law

Didn’t solve my problem with WordPress core files, had to use a plugin https://www.prelovac.com/vladimir/wordpress-plugins/smart-youtube

Bit a of a pain expecting my commenters to add a V to the http part of the video URL, but at least it works now. Had to add instructions on my site https://www.general-election-2010.co.uk/add-youtube-video-comments which is a bit irritating!

WordPress development team should add allowing both non admin users and commenters the option to post embeded content. Give it as an option for admins to decide who can and can not add embeded content into posts and comments.

David

I have a similar issue with Youtube videos submitted as comments.

I can submit a comment as admin and the embed code holds, but if a ‘guest’ user (not registered) posts a comment with embeded video, the code is deleted.

Are unregistered users meant to be able to post embeded videos? I’d like them to be able to without having to go to a lot of effort (so post the embeded code and it works).

I tried disabling the XHTML setting mentioned above, but apparently has no effect on comments.

David

I think you are right about it not been WordPress per se, who ever the hacker is they are targeting my WordPress sites and possibly 2.8.4 in paticular for links.

I’ve tracked down FTP access that resulted in the changes. I set FTP logs to save for just a month (in hindsight should have gone for 3 months) so got 1 month access data to work from.

I haven’t a clue how the hacker got my FTP passwords, but it’s multiple passwords and they are very random: I create passwords by randmonly bashing the keyboard and then make sure each one has upper/lowercase, signs etc… and anywhere up to 20 charachters, there’s no way they could be guessed.

I found a file under WordPress on one of the hacked domains wp-edit.php and a similar file under the stats folder (which is password protected) with a different name. It looks like the file was used to insert the code into the index.php files.

I’ve zipped it and added it to one of my sites, is it wise to post a link for others to see what it is?

I think I’ve cleaned all the domains that have been affected, but have no idea if the server has back doors to get back in.

Done the obvious changing passwords (started anyway, have about 200 to change!!!!).

I suppose I should be thankful the hacker so far has only been interested in stealing links, I had another server hacked a few years back and that was trashed!

David Law

I’ve found other WordPress 2.8.4 sites of mine (same server) compromised.

So far four domains, still checking others.

The theme so far is files I’ve checked have had their permissions changed to full write access (though one domain just had the index.php file changed), on the latest domain a file was uploaded to

/wp-admin/web/doorway-2009-10-18_20-56.zip

Which was unzipped to over 1,000 web pages of porn/viagra links etc… some of which was linked to from the home page (via the WordPress index.php file).

The hacked WordPress sites that have this content on are PR4, PR4, PR4 and PR5 (first hacked was the PR5), so far my lower PR domains are not touched, so looks like the higher PR domains are being cherry picked.

I’ve run chkrootkit that didn’t find anything.

I’ve looked through the logs, but I’m not proficient with server security, so nothing has jumped out at me as an issue.

I realise it could be a hacked server, but the cherry picking of higher PR WordPress domains suggests WordPress has something to do with this, particularly the 2.7 version of WP that wasn’t changed when two 2.8.4 version on the same domain was changed.

If someone had full root access to the server they could change all the index.php files from 50+ WP installations easily. Also the dates the files for each domain have been changed are different, last two I’ve found are the 16th and 18th of October. Why go to the hassle of hacking a server and change domains one by one over a period of weeks (first domain I found hacked was hacked before the 12th).

To rule out a hacked server other than chkrootkit (which found nothing) what else could I check?

If you are running WordPress 2.8.4 and have a PR4+ home page view source of the home page and see if you have any hidden links. I’ve found them mostly below the footer, but on one domain it was below the body tag.

David Law

I just made an AdSense version of Arclite for free download at https://www.google-adsense-templates.co.uk/arclite-free-adsense-ready-wordpress-theme.html

It’s got better ad placement than your current setup and doesn’t Easy AdSense plugin take some of your ad revenue? I know ohe of the popular AdSense plugins does.

My version of Arclite doesn’t take any of your revenue.

David

I have a lot of experience with AdSense and WordPress (I make AdSense Ready WordPress themes).

Your main problem is your ad placement, take a look at https://www.morearnings.com/2006/07/28/add-adsense-to-a-wordpress-blog/ and try to add the ad unit placed within the main content of a post. that placement can add at least 1% to the CTR of a poorly optimized site. I’ve got sites with CTR consistently above 6% using that format.

There’s code snippets on the page above.

I’m in the process of converting at least 15 popular themes to AdSense ready at https://www.google-adsense-templates.co.uk/tag/free-adsense-wordpress-theme converted one so far ??

David

Thanks Esmi, couldn’t get the above to work, but it made me think of a solution, ended up using this code:

<?php if($comment->comment_author_url != "") : ?>

Code for when there is a URL

<?php else : ?>

Code for when no URL.

<?php endif; ?>

Works exactly how I want it, added a little css to make the button look more like a link and only difference is when I hover over the button link no colour change (will fix that with css later).

Example at: https://www.free-funny-jokes.com/chuck-norris-jokes.html#comment-37410 where the ‘Joker’ comment is a form/button link, all the other comments didn’t have links as disabled the ability to add them to the theme ages ago.

Can renable commenters URLs now and not have to worry about loosing link benefit since Google fecked up how it treats the nofollow attribute!

David Law

I converted the original Blix to make Blix with AdSense/SEO (you must be one of my customers).

I’ll take a look at the above and see if I can find a solution which will be posted at https://www.google-adsense-templates.co.uk/wordpress-theme-blix-with-adsense-and-seo-optimisation.html where I offer support for my version of Blix.

David Law

I’ve been doing the first suggestion and also remove the form box for adding a URL for years (on over 50 sites) and though it prevents any author links from the comments the vast majority of comment spam is automated so it doesn’t stop spam. Akismet deals with the vast majority of the automated spam.

What it does reduce is the very low quality real comments just for links. You know the sorts of comments where the author tells you it’s a great post, but adds nothing to the discussion and they just so happen to have a keyword rich author name for the link ??

Replacing the author link for author name and removing the website URL form box is achievable at theme level, so no need for the developers of WordPress to do anything new. Edit your comments file and replace comment_author_link with comment_author and comment out the URL box.

Anyone worried this will stop people commenting, I’ve not had any problems, got posts with hundreds of comments. People want to comment.

David Law

I converted Talian to include AdSense (also SEO optimised it and added various code improvements) and sell it here https://www.google-adsense-templates.co.uk/wordpress-theme-talian-with-adsense-and-seo-optimisation.html for a small fee.

Also wrote an article on how to add AdSense to a WordPress blog here https://www.morearnings.com/2006/07/28/add-adsense-to-a-wordpress-blog/

The original Talian includes 2 AdSense units, they aren’t placed particularly well so ideally you’d remove them and start again. If you don’t that limits you to one more Ad unit.

Looking at your page I see 3 ad units shown already (3 is the max) so if you tried to add a ad unit to the sidebar it’s going to fail.

Good luck

David

Quick update on this.

Have found wordPress 2.5 has helped a bit and the super cache plugin as well. Still on the slow side (won’t be adding more posts), but much better.

Long term think I’m going to break the site into multiple WordPress installations, maybe 15,000 posts each.

David

LOL just typical, after posting this did another search and found a plugin that does the menu how I want it https://www.webspaceworks.com/resources/wordpress/31/

Only tried it a few mins, but looks like exactly what I was after so forget the bit above about the menu.

Unfortunately the site is still slow, so looks like it’s the size of the database that’s a problem. Am I going to have to limit the number of posts (that would suck) or is there something I’m missing?

David

This theme causes the above problems in the latest versions of WordPress, my wife wanted it for her picture blog https://www.3d-images.ws/ and so I converted it to an AdSense/SEO version of the theme and removed the above problem.

I’ve added a fix to this problem in the comments at https://www.google-adsense-templates.co.uk/wordpress-theme-beautiful-sunrise-with-adsense-and-seo-optimisation.html but it will mean the custom image no longer works in admin.

David

There isn’t anything obviously wrong with you site, Yahoo has it indexed so unlikely to be code that’s the problem

Looking at your backlinks on Yahoo (Yahoo more accurate than Google) https://siteexplorer.search.yahoo.com/search?p=http%3A%2F%2Fwww.ipod-cool.com%2F&bwm=i&bwms=p&bwmf=u&fr=yfp-t-501&fr2=seo-rd-se shows few incoming link, I see 3 that are not from your domain (not enough).

Note Google shows a lot less backlinks than Yahoo does, compare the backlinks of https://www.morearnings.com/ on (use link:domain.com search)-

Google 34
Yahoo 239

Although Google only shows about 10% in this case, most of the links shown on Yahoo will count towards Goggle rankings so don’t worry about Google showing a much lower number.

Google relies heavily on links, if your site lacks links it won’t be indexed long term. What you describe is what I’d expect to see, Google finds your site, indexed a lot of it, but then doesn’t come back for a while and so drops the indexed pages leaving only the home page indexed.

If this is the only problem gaining links will help keep your site indexed long term.

to check pages indexed do this search in Google-

site:domain.com

This will list all internal pages indexed, currently your site has just the home page indexed!

Not sure why you have the “iPod-Cool” added to the end of URLs. Are you using Google sitemaps? If so check it for errors, my guess would be you’ve made a mistake as I can’t see anything in your code to cause that and Google wouldn’t just add it for no reason. Another possibility is another website is linking to you with that type of link format.

Are your articles unique? If you are copying them from article sites they are highly unlikely to do well long term, too many people use the articles so Google filters most of them out or at least ranks most of them poorly. Articles are great, but unique is the way to go.

David

I’ve had that happen on a few blogs and it’s really irritating as the feeds aren’t as accessible as the real post! Had a popular singers name do this, was getting hundreds of visitors a day that converted and they started going to a feed which didn’t convert!

I think the reason is the links etc… are posted as txt in feeds, so where you have a link with keyword rich text like domain.com/this-great-phrase.html or whatever Google is counting it as text (which is what it is in these feeds) and so comparatively speaking the feed is more relevant to a search like-

this great phrase

Than the original post because the original post lacks this text!

I’ve started adding rel=”nofollow” to feed links to reduce the problem. View source of https://www.morearnings.com/2006/09/12/wordpress-theme-ocadia-with-google-adsense/ for an example: search for “comments via RSS Feed” to see the code you want to rel=”nofollow” these links. You’ll want to do similar for the menu feed links as well.

A lot of feed links are within the template files, but some are within the WordPress code (not directly editable) so it’s not easy to fix.

If you need more details of what to change feel free to ask.

In the major search engines ‘eyes’ the feeds will no longer have any links (unless you link directly to them), new posts will not have their feeds indexed and long term old feeds should be dropped from the index.

Downside to this is if anyone finds your site via a feed search (no idea if people search for feeds on Google?) your site won’t be found.

David