Home › Forums › BulletProof Security Free › Code Injection in Header
Tagged: Code Injection in Header
- This topic has 9 replies, 3 voices, and was last updated 11 years, 10 months ago by mr.
-
AuthorPosts
-
BenMember
Hello I have BPSecurity installed and everything running perfectly, but I have a problem with a link that is above the header on my site directing to an online casino. my site is http: //www.AddictiveAngler.com i’ve deleted all the users from phpmyadmin and have changed all ftp and Database accounts. Thank you! If i could just find the file where its loading from that would help… seems to load before header.php
AITpro AdminKeymasterThe link is in your “head” section of your site. Check your Theme’s header.php file for the code/link. It is possible that the link is being generated from your WP DB, but this looks more like Code Injection directly into a file and not a DB hack. Code Injection can be done by cracking your FTP password or your WP Login password or by exploiting some code in your Theme files – either js or php files. The Code Injection could also be in any of your Theme’s JS files or possibly the Theme’s functions.php file.
BenMemberI’ve narrowed it down that its nothing in the header, its getting injected right after the <body> tag
AITpro AdminKeymasterRight mouse click on your home page and click View Source to view the HTML Source Code and you will see that the link is in your head section and not in the body.
BenMemberI got rid of it once by restoring a backup, however I restored the same backup and and it remained this time.
BenMember[Code has been removed]
please do not post source code here.
AITpro AdminKeymasterIf you want to quickly find the source of the link then download your website files and open any of the php files with a code editor and then do a search through all files in the folder that you downloaded your site files too. You can do the same type of search with phpMyAdmin and just do a search for LIKE % % and then use the search term onlinecasino-games[dot]com
AITpro AdminKeymasterIf you do not have a good backup to restore from then you will need to make a download of all your files and your database. Delete everything and then reinstall everything new/clean and then only import your database tables that contain you content. See this WordPress help post >>> http://codex.wordpress.org/FAQ_My_site_was_hacked
BenMemberI’m doing that right now.
mrMemberHi, I have same problem in my blog http: //www.metallirari.com but I never discovered the code injection. Did you find it? If so can you help me? Thanks a lot. Roby
-
AuthorPosts
- You must be logged in to reply to this topic.