-
Posts
-
Hello, our wordpress site was hacked and they used links to post_title (like the ones in private content) to redirect them to spam sites. I have cleaned up most of the issues but google search still links to some of these directly.
Is there a way to stop these links from actually displaying the page that they do? Eg go to error page like 404 or something?
Thank you
Hey patricknh,
I think it would be better if you clean up the hack instead of putting a bandaid on it, did you reinstall WordPress, the theme, plugins etc.? Don’t forget to change all passwords as well.
Best regards,
RikardHi, I think you misunderstood the question? I am not trying to “band-aid” anything thing. I had a simple request:
Is “domain/post_title” (“post_title” as defined as a field in the mySQL database of table wp_posts) a valid wordpress link or is this something that happened in the hack? I have done the rest, restored wordpress etc but I cant change the sites content obviously. Including the database! So if stuff has been left in there its difficult to identify. My problem is this was discovered via way of google links that used that url format to reroute to spam sites. Now they simply route to the page that you see. So is this normal behaviour or is there some other way to block or reroute such urls? There are no posts on the site in terms of blogs, but many many such labelled entries for all site contents in the dB.Hi,
Ok, thanks for the feedback, I think I misunderstood you. So the examples you posted where likely created by the hackers since they are empty? And they are not showing under Posts in the backend? I haven’t seen anything like this before so I’m not sure what to do about it to be honest, did you try to delete them in the database?
Best regards,
RikardHi,
Yes, there are no “posts” per se in the site, just portfolio sections and pages. I have tried to disable all blog and comment type functions as this site is not intended to be anything like that.
I am a bit scared to delete those entries as they seemed to refer to images and I am afraid to mess up the rest of the site. I changed all the status entries to “closed”. The hackers seemed to have put two entries in the database which linked to a viagra site and some sunglasses sites and they used that post method to appear in google search and then (in google) if you clicked you got to that site rather than ours.
If I google search now they are no longer appearing so hopefully that is sorted, I was just hoping there was a global way to disallow those sort of links. There are not many links on the site so it is relatively easy to control that, unlike a blog with lots of posts and comments! The only issue was that google seemed to have stored a bunch of those “domain/post_name” links, obviously the hacker modus operandi. At least now they seem to get to that “blog” page (as per hidden links above).
I hoped that that “blog” page that comes up now with the image thumbnail could be somehow replaced by something else or a redirect. I am not sure what that page is or how created but it seems to be a wordpress thing. I was hoping it was an enfold thing that you might recognise.
Is there a recommended security plug-in (eg wordfence?) that is good with enfold?
Thanks
Hi,
Thanks for the feedback. I don’t think the behaviour is theme specific, and like I said, I’ve never encountered this problem before so I’m not sure how to deal with it unfortunately. But if you are looking to do a redirect then maybe a redirect plugin would work out for you? Wordfence works with the theme, you could check out Sucuri as well.
If you are looking to harden your WordPress installation and have it monitored then I would recommend contacting a service like SteadyWP. I’m pretty sure they clean sites as well if you should have the need for that.
Best regards,
Rikard
- You must be logged in to reply to this topic.