Urgently, some porn links has been added to my directory

I just received an email asking for remove his link. He told me there are some porn links in my source code.

Just checked, there are really some porn links in source code, adding "display:none" in the end. And I have checked foot.tpl main.tpl .
, but there is no porn links codes there.

What files I should check?

Here is url: www.submission4u.com


Any help is appreciated.

 

It really helps if you mention directory script u are using cause not everyone is going to go to the url u posted.

Cheers

 

I may be wrong but my guess would be that someone has inserted some type of iframe into your code using your contact form. This actually happened to one of my sites a long time ago (not a directory)

The hidden links in question are appearing after the footer

 

Sorry, I am using phpld.

 

I would head over to http://www.phplinkdirectory.com/forum/ asap ?

 

Yes, that is the best advice. Go to the forum and ask for advice there.

 

I know that, but I can't find any iframe in the code.

Just posted there, but David is not in

 

I could help you with it. I'll need FTP access. PM me the details .

 

Could you tell me which file I should check, I may not share the FTP access to others as there are 10 sites there which are not all mine.

 

If it was done by 'injecting' an iframe by using the contact form you may have also received a strange contact via email.

I know that this can be difficult to find and since it appears outside the </body> tag it is probably not in the footer and perhaps not even in a tpl file. I would recommend that you take a look at the files in the root directory and not the templates folder.

It may not be the case with your situation, but when it happened to me the iframe was added to the very bottom of several different files in the root directory.

 

Can't really determine which file would it be, but if you can create FTP accounts, just give me access to the directory where the files for the template are located. Else send me the files via email to

f e l u k e w l [ a t ] g m a i l [ d o t ]c o m

Code (markup):

And yea, the links are after the html tag end. It could be some other file and not necessarily the template files.

 

Ooh what a bad crack they did to you. I am not familiar with your site enough to know where to go looking for it. Searching the template is a good place to start, but this guy is good enough to crack your master password. He definitely has the links embedded deep inside some obscure code.

Best advice, go to your control panel

1. shut your site down IMMEDIATLY (if those links get indexed, you might be in for a ban and your 90k backlinks will amount to 0). You need to rid yourself of these links now. They are display:none which means they are hidden (a SE no-no) & their linking your site to a bad neighborhood. If you cant find in your cpanel, contact your host to disable it temporarily
2. change your password
3. Hopefully you have a recent backup (not sql, file structure). If so, re upload your files or contact your web host to do so.
4. Had any mods installed recently? Opened a help desk ticket lately? this is probably the source of the probem.

Good luck, PM me if you need personal assistance. I'll gladly help you clean the place up. Whatever you do, fix it fast

 

There is no code in foot.tpl, it's clean.

Yeah, I received many contact emails there days.

I check the index.php and database, but nothing found, and all files has not been changed from the last modefied time.

 

All these passwords need to be changed anyways. He has access to all of the sites if he has access to one.

Your other sites might already have the links

 

Take a backup of your DB and re-install the code.

That would fix the issue immediately and then think later.

that is my 0.02

Thanks

 

Thanks for your advice
I can't shut it down, just submit to Yahoo Directory which charged me $300

I would contact the hoster, but what's the strange all other sites are fine.

 

I doubt that this was done with the use of a password. I think it was most likely done using the contact form.

 

Looks like they're in the file that displays your directory statistics. Look at the source code at the bottom.

 

Thanks, database backup every week. Just download the template.

I would re-install it again.

 

Check the phpmyadmin..it's there