1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

WORDPRESS HACK - hacker redirect SE traffic to his site

Discussion in 'Security' started by lijgeo, Jun 6, 2008.

  1. #1
    Hi,


    anyone noticed huge drop in traffc without any chage in SERP !!

    Using wordpress?

    then read on!!

    then your wordpress is hacked. check your wp-blog-header.php file.

    hacker redirectes SE traffic visitors to his site it there is no past cookie set on his site !!!


    my wp header file looked like this


    Check whether your header file is like this and chage iif its hacked!!

    its redirecting to anyresults.net

    whois info of that domain .


    Administrative Contact:
    N/A
    Doren Arnold ()
    96 Mowat Ave
    Toronto
    3553,M6K 3M1
    US
    Tel. +1.416545545




    check immediately and fix if you have this problem. i think we should report this in wp community forum and webhosting of that site
     
    lijgeo, Jun 6, 2008 IP
  2. trocobob

    trocobob Banned

    Messages:
    1,441
    Likes Received:
    48
    Best Answers:
    0
    Trophy Points:
    0
    #2
    was you header chmodded 777 ?
     
    trocobob, Jun 6, 2008 IP
  3. frank.jung

    frank.jung Peon

    Messages:
    146
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #3
    You need to give us more details than that.

    Sorry for your luck but I am assuming you are the only one with this issue.
     
    frank.jung, Jun 6, 2008 IP
  4. Scripter

    Scripter Peon

    Messages:
    403
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #4
    As far as I know it's a hack of the wp-config and there is no official fix so far, it even works with the latest WP version. It redirects all traffic from google, but just from google, if you have bookmarked your site and access it, everything looks normal.

    It's a widespread problem at the moment and certainly so single incident.
     
    Scripter, Jun 6, 2008 IP
  5. Mudra

    Mudra Peon

    Messages:
    173
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #5
    Traffic to my sites has also decreased but no such coding is in my header.php
    Please give some more details.
     
    Mudra, Jun 6, 2008 IP
  6. Scripter

    Scripter Peon

    Messages:
    403
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #6
    Look in your .htaccess, it has a referrer based redirect if you were hacked as far as I know.
     
    Scripter, Jun 6, 2008 IP
  7. webjaws

    webjaws Banned

    Messages:
    89
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #7
    Its not a single incident!!! I had the problem in 2 of my wordpress sites!! A loss of huge traffic...!!! JUST FIXED IT...!! It must be reported to WP community! How such hacks occurs to the xtreme secure WP??

    Its redirecting to its redirecting to anyresults.net

    We will see more users with the problem soon!!!

    Any FIXES available to this hack? How can we prevent?
     
    webjaws, Jun 6, 2008 IP
  8. lijgeo

    lijgeo Banned

    Messages:
    647
    Likes Received:
    21
    Best Answers:
    0
    Trophy Points:
    0
    #8
    lijgeo, Jun 6, 2008 IP
  9. lijgeo

    lijgeo Banned

    Messages:
    647
    Likes Received:
    21
    Best Answers:
    0
    Trophy Points:
    0
  10. nastynappy

    nastynappy Banned

    Messages:
    499
    Likes Received:
    16
    Best Answers:
    0
    Trophy Points:
    0
    #10
    er.. but how did your wp-blog-header.php changed??
    does anyone else have the access to edit your files?
    who edited your wp-blog-header.php ?
     
    nastynappy, Jun 9, 2008 IP
  11. godsofchaos

    godsofchaos Peon

    Messages:
    2,595
    Likes Received:
    124
    Best Answers:
    0
    Trophy Points:
    0
    #11
    Whoa! Thanks for letting us know. Thankfully, I am so far so good.... Gotta watch out for this prick!!!
     
    godsofchaos, Jun 10, 2008 IP
  12. sweetfunny

    sweetfunny Banned

    Messages:
    5,743
    Likes Received:
    467
    Best Answers:
    0
    Trophy Points:
    0
    #12
    sweetfunny, Jun 12, 2008 IP
  13. lijgeo

    lijgeo Banned

    Messages:
    647
    Likes Received:
    21
    Best Answers:
    0
    Trophy Points:
    0
    #13
    just see the inctrese in traffic within 1 month

    So its the proof that he hacked so many sites !!

    is there anything we can do against him?

    [​IMG]

     
    lijgeo, Jun 13, 2008 IP
  14. chandan123

    chandan123 Prominent Member

    Messages:
    11,586
    Likes Received:
    578
    Best Answers:
    0
    Trophy Points:
    360
    #14
    any update for this matter ?

    #32,833 in 13 days, compare his traffic to Digitalpoint. :eek:
     
    chandan123, Jun 18, 2008 IP
  15. nastynappy

    nastynappy Banned

    Messages:
    499
    Likes Received:
    16
    Best Answers:
    0
    Trophy Points:
    0
    #15
    hello.. will anyone tell me how their wp-blogheader file get edited?
    why do u guys give permission to other user to use ur files ?
     
    nastynappy, Jun 20, 2008 IP
  16. lijgeo

    lijgeo Banned

    Messages:
    647
    Likes Received:
    21
    Best Answers:
    0
    Trophy Points:
    0
    #16
    i think its beacuse of some bug in old WP

     
    lijgeo, Jun 20, 2008 IP
  17. bbrian017

    bbrian017 Well-Known Member

    Messages:
    2,990
    Likes Received:
    66
    Best Answers:
    0
    Trophy Points:
    170
    #17
    wow this is crazy hehehe
     
    bbrian017, Jun 20, 2008 IP
  18. AlfaGTV

    AlfaGTV Well-Known Member

    Messages:
    351
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    110
    #18
    Damned, I just checked all my blogs. Found one that had some weird encrypted javascript code in the wp-blog-header.php file. It was causing a redirect. I just deleted all files and did a new wordpress installation. This blog did 500 uniques average / day in may. Most traffic coming from google, last 2 weeks only 50 uv's/day. I feel really gutted about this, I've spent a lot of time recently trying to write some good unique content on this blog.
     
    AlfaGTV, Jun 20, 2008 IP
  19. falguni1

    falguni1 Peon

    Messages:
    3,016
    Likes Received:
    66
    Best Answers:
    0
    Trophy Points:
    0
    #19
    falguni1, Jun 22, 2008 IP
  20. lijgeo

    lijgeo Banned

    Messages:
    647
    Likes Received:
    21
    Best Answers:
    0
    Trophy Points:
    0
    #20
    lijgeo, Jun 23, 2008 IP