Comments on: Cloaking Hack Puts Spam In Your WordPress Search Engine Results https://www.blogherald.com/news/cloaking-hack-puts-spam-in-your-wordpress-search-engine-results/ The leading source of news covering social media and the blogosphere. Sun, 24 Oct 2010 20:34:04 +0000 hourly 1 https://wordpress.org/?v=5.9.9 By: spam my blog https://www.blogherald.com/news/cloaking-hack-puts-spam-in-your-wordpress-search-engine-results/#comment-1120170 Sun, 24 Oct 2010 20:34:04 +0000 http://www.blogherald.com/?p=15697#comment-1120170 Please spread the word and stop spam comments.

]]> By: Scott Frazer https://www.blogherald.com/news/cloaking-hack-puts-spam-in-your-wordpress-search-engine-results/#comment-1119019 Tue, 17 Aug 2010 16:06:14 +0000 http://www.blogherald.com/?p=15697#comment-1119019 We just found this on our site as well. In our case, something managed to create a malicious file in our blog’s webroot called “temp.php” containing a gzipped, base64 block of code that would look for incoming search engines and re-write the output.

The temp.php file was being loaded from wp-blog-header.php. Deleting the temp.php file and then removing that reference from wp-blog-header.php appears to have cleaned it up for us.

Your site is coming up as the first entry for “wordpress search spam” so I’m hoping this will help some other folks as well.

]]> By: Franky Branckaute https://www.blogherald.com/news/cloaking-hack-puts-spam-in-your-wordpress-search-engine-results/#comment-1116068 Fri, 09 Apr 2010 17:44:26 +0000 http://www.blogherald.com/?p=15697#comment-1116068 In reply to kevin.

Kevin, it is injected code, so much is clear. Pearson is a well known designer and the hack is still present even when you change the theme. You are right, the injected spam is only visible to search engines (even changing the user_agent might not reveal it).

Garen, right now there does not seem to be a solution but apparently some victims have changed hosting and that solved the problem.

]]> By: kevin https://www.blogherald.com/news/cloaking-hack-puts-spam-in-your-wordpress-search-engine-results/#comment-1116067 Fri, 09 Apr 2010 17:40:05 +0000 http://www.blogherald.com/?p=15697#comment-1116067 Much of the time, the hack is already in the template you downloaded or a plugin. The hack is hidden in the code and often upon making changes to the blog – adding post, category, tag, etc – the hack is activated.
Also it may be that it is only revealed when the page is called via a particular user_agent, or only when not logged in (you are often looking at your blog when logged in), etc. or non javascript enabled browser.
You can often detect them by looking for obfuscated code (strange series of characters that are unreadable. There is(was?) a plugin also that will detected encoded/obfuscated code in your wp-content dir (where plugins and themes live).

Hope you get it resolved.

]]> By: Garen https://www.blogherald.com/news/cloaking-hack-puts-spam-in-your-wordpress-search-engine-results/#comment-1116044 Thu, 08 Apr 2010 06:42:48 +0000 http://www.blogherald.com/?p=15697#comment-1116044 Yeah I got a hack installed on my blog that was promoting the same type of stuff. I have no clue how it got there and I changed my password and everything. It keeps showing up. Do you have any ideas of how to get rid of it?

]]>