1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

How to spot bad code in legit looking files in wordpress

Discussion in 'HTML & Website Design' started by ketanco, Jun 8, 2020.

  1. #1
    My wordpress site has malware and I already deleted the bad looking files. They were easy to spot. But now my host says there could still be malware in the legit looking files. What plugin should I use or what should I do to spot them ? I onviously cannot go through thousands of wordpress files. Is there any shortcuts?
     
    ketanco, Jun 8, 2020 IP
  2. qwikad.com

    qwikad.com Illustrious Member Affiliate Manager

    Messages:
    7,151
    Likes Received:
    1,656
    Best Answers:
    29
    Trophy Points:
    475
    #2
    Did you really say thousands of files? No site is worth running (unless it's making you a ton of $$) that has thousands of files. I'd get away from any CMS that makes me install thousands of files - in a hurry.
     
    qwikad.com, Jun 8, 2020 IP
    mmerlinn likes this.
  3. ketanco

    ketanco Active Member

    Messages:
    52
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    93
    #3
    Yes I use wordpress which has thousands of files, which makes up about a quarter of all websites on earth I believe
     
    ketanco, Jun 8, 2020 IP
  4. deathshadow

    deathshadow Acclaimed Member

    Messages:
    9,732
    Likes Received:
    1,998
    Best Answers:
    253
    Trophy Points:
    515
    #4
    Bad looking code.. in wordpress... being the fault of malware? Bwahaha... you slay me, that's a riot.

    Turdpress out of the BOX has garbage code, if anything malware would probably be an improvement over the crap it vomits up and has the unmitigated gall to call HTML/CSS.
     
    deathshadow, Jun 9, 2020 IP
    malky66 likes this.
  5. ketanco

    ketanco Active Member

    Messages:
    52
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    93
    #5
    why do you say wordpress is crap?
     
    ketanco, Jun 10, 2020 IP
  6. malky66

    malky66 Acclaimed Member

    Messages:
    3,996
    Likes Received:
    2,248
    Best Answers:
    88
    Trophy Points:
    515
    #6
    It's insecure (As you've already found out).
    It's crap
    It's bloated.
    You have to install plugins in an attempt to make it secure.
    It's crap.
    The HTML it pukes onto the page is crap.
    Oh did I mention it's crap.
     
    malky66, Jun 10, 2020 IP
    mmerlinn likes this.
  7. deathshadow

    deathshadow Acclaimed Member

    Messages:
    9,732
    Likes Received:
    1,998
    Best Answers:
    253
    Trophy Points:
    515
    #7
    The default markup out of the box is a monument to the 3i's of development -- ignorance, incompetence, and ineptitude. Those who wrote its front end are less qualified to write HTML or CSS than the dipshit MORONS who created bootcrap. Since pretty much every off the shelf template is in some way, shape, or form built upon that baseline, they too reek of 3i.

    Similarly the back end is an even bigger disaster with multiple entry points, only one ring of security with zero internal isolation, and reeking of the worst of PHP 3 era practices that has been hacked hacked and hacked some more to try and run under modern PHP.

    To fix ANY of the deep rooted problems that plague it to this day, you would have to utterly break all backwards compatibility.

    When the latest version is slopping out HTML like this out of the box:

    		<header id="site-header" class="header-footer-group" role="banner">
    
    			<div class="header-inner section-inner">
    
    				<div class="header-titles-wrapper">
    
    					
    						<button class="toggle search-toggle mobile-search-toggle" data-toggle-target=".search-modal" data-toggle-body-class="showing-search-modal" data-set-focus=".search-modal .search-field" aria-expanded="false">
    							<span class="toggle-inner">
    								<span class="toggle-icon">
    									<svg class="svg-icon" aria-hidden="true" role="img" focusable="false" xmlns="http://www.w3.org/2000/svg" width="23" height="23" viewBox="0 0 23 23"><path d="M38.710696,48.0601792 L43,52.3494831 L41.3494831,54 L37.0601792,49.710696 C35.2632422,51.1481185 32.9839107,52.0076499 30.5038249,52.0076499 C24.7027226,52.0076499 20,47.3049272 20,41.5038249 C20,35.7027226 24.7027226,31 30.5038249,31 C36.3049272,31 41.0076499,35.7027226 41.0076499,41.5038249 C41.0076499,43.9839107 40.1481185,46.2632422 38.710696,48.0601792 Z M36.3875844,47.1716785 C37.8030221,45.7026647 38.6734666,43.7048964 38.6734666,41.5038249 C38.6734666,36.9918565 35.0157934,33.3341833 30.5038249,33.3341833 C25.9918565,33.3341833 22.3341833,36.9918565 22.3341833,41.5038249 C22.3341833,46.0157934 25.9918565,49.6734666 30.5038249,49.6734666 C32.7048964,49.6734666 34.7026647,48.8030221 36.1716785,47.3875844 C36.2023931,47.347638 36.2360451,47.3092237 36.2726343,47.2726343 C36.3092237,47.2360451 36.347638,47.2023931 36.3875844,47.1716785 Z" transform="translate(-20 -31)" /></svg>								</span>
    								<span class="toggle-text">Search</span>
    							</span>
    						</button><!-- .search-toggle -->
    
    					
    					<div class="header-titles">
    
    						<h1 class="site-title"><a href="http://localhost/wptest/wordpress/">Turdpress Test</a></h1><div class="site-description">Just another WordPress site</div><!-- .site-description -->
    					</div><!-- .header-titles -->
    
    					<button class="toggle nav-toggle mobile-nav-toggle" data-toggle-target=".menu-modal"  data-toggle-body-class="showing-menu-modal" aria-expanded="false" data-set-focus=".close-nav-toggle">
    						<span class="toggle-inner">
    							<span class="toggle-icon">
    								<svg class="svg-icon" aria-hidden="true" role="img" focusable="false" xmlns="http://www.w3.org/2000/svg" width="26" height="7" viewBox="0 0 26 7"><path fill-rule="evenodd" d="M332.5,45 C330.567003,45 329,43.4329966 329,41.5 C329,39.5670034 330.567003,38 332.5,38 C334.432997,38 336,39.5670034 336,41.5 C336,43.4329966 334.432997,45 332.5,45 Z M342,45 C340.067003,45 338.5,43.4329966 338.5,41.5 C338.5,39.5670034 340.067003,38 342,38 C343.932997,38 345.5,39.5670034 345.5,41.5 C345.5,43.4329966 343.932997,45 342,45 Z M351.5,45 C349.567003,45 348,43.4329966 348,41.5 C348,39.5670034 349.567003,38 351.5,38 C353.432997,38 355,39.5670034 355,41.5 C355,43.4329966 353.432997,45 351.5,45 Z" transform="translate(-329 -38)" /></svg>							</span>
    							<span class="toggle-text">Menu</span>
    						</span>
    					</button><!-- .nav-toggle -->
    
    				</div><!-- .header-titles-wrapper -->
    
    				<div class="header-navigation-wrapper">
    
    					
    							<nav class="primary-menu-wrapper" aria-label="Horizontal" role="navigation">
    
    								<ul class="primary-menu reset-list-style">
    
    								<li class="page_item page-item-2"><a href="http://localhost/wptest/wordpress/sample-page/">Sample Page</a></li>
    
    								</ul>
    
    							</nav><!-- .primary-menu-wrapper -->
    
    						
    						<div class="header-toggles hide-no-js">
    
    						
    							<div class="toggle-wrapper search-toggle-wrapper">
    
    								<button class="toggle search-toggle desktop-search-toggle" data-toggle-target=".search-modal" data-toggle-body-class="showing-search-modal" data-set-focus=".search-modal .search-field" aria-expanded="false">
    									<span class="toggle-inner">
    										<svg class="svg-icon" aria-hidden="true" role="img" focusable="false" xmlns="http://www.w3.org/2000/svg" width="23" height="23" viewBox="0 0 23 23"><path d="M38.710696,48.0601792 L43,52.3494831 L41.3494831,54 L37.0601792,49.710696 C35.2632422,51.1481185 32.9839107,52.0076499 30.5038249,52.0076499 C24.7027226,52.0076499 20,47.3049272 20,41.5038249 C20,35.7027226 24.7027226,31 30.5038249,31 C36.3049272,31 41.0076499,35.7027226 41.0076499,41.5038249 C41.0076499,43.9839107 40.1481185,46.2632422 38.710696,48.0601792 Z M36.3875844,47.1716785 C37.8030221,45.7026647 38.6734666,43.7048964 38.6734666,41.5038249 C38.6734666,36.9918565 35.0157934,33.3341833 30.5038249,33.3341833 C25.9918565,33.3341833 22.3341833,36.9918565 22.3341833,41.5038249 C22.3341833,46.0157934 25.9918565,49.6734666 30.5038249,49.6734666 C32.7048964,49.6734666 34.7026647,48.8030221 36.1716785,47.3875844 C36.2023931,47.347638 36.2360451,47.3092237 36.2726343,47.2726343 C36.3092237,47.2360451 36.347638,47.2023931 36.3875844,47.1716785 Z" transform="translate(-20 -31)" /></svg>										<span class="toggle-text">Search</span>
    									</span>
    								</button><!-- .search-toggle -->
    
    							</div>
    
    							
    						</div><!-- .header-toggles -->
    						
    				</div><!-- .header-navigation-wrapper -->
    
    			</div><!-- .header-inner -->
    Code (markup):
    Doing the job of:

    <header>
    	<h1>
    		<a href="/">Turdpress Test</a>
    		<small>Just another Wordpress Site</small>
    	</h1>
    	<input type="checkbox" id="toggle_mainMenu" class="toggle" hidden>
    	<label for="toggle_mainMenu"></label>
    	<nav>
    		<ul id="mainMenu">
    			<li class="search"><a href="#search"><span>&#x1F50D;</span>Search</a></li>
    			<li><a href="/sample-page/">Sample PAge</a></li>
    		</ul>
    	</nav>
    
    Code (markup):
    That's what I call ignorance, incompetence and ineptitude. Especially when they're relying on scripttardery to do HTML and CSS' flipping job!

    Top to bottom it's got endless pointless DIV for nothing, endless pointless PRESENTATIONAL classes for nothing, JS doing what HTML and CSS haven't needed JS for in nearly a decade, gibberish to nonexistent semantics, absolute URI's for no reason other than to waste bandwidth, comment placements that could (and likely are) triggering rendering errors, static scripting in the markup, multiple stylesheets just increasing the handshake count because "hurr durrz eye cans haz teh intarwebs?", repeating the same basic menu multiple times because they're too stupid to know how to use media queries...

    and that's before we talk the shit-show that is the CSS itself.

    Hence why it out of the box vomits up 35k of markup for 757 bytes of plaintext and ZERO content media. NOT EVEN 4k of HTML's flipping JOB!!!

    Seriously when you see <main role="main"> or <form role="form"> You're looking at code made by people who need to back the f*** away from they keyboard and go take up something a bit less detail oriented like macramé!
     
    deathshadow, Jun 10, 2020 IP
  8. mmerlinn

    mmerlinn Prominent Member

    Messages:
    3,197
    Likes Received:
    818
    Best Answers:
    7
    Trophy Points:
    320
    #8
    Turdpres IS malware! EVERY Turdpress site has SERIOUS security flaws promulgated by the MALWARE called TURDPRESS.
     
    mmerlinn, Jun 12, 2020 IP