D
D
Dima2021-06-13 06:46:49
Fight against spam
Dima, 2021-06-13 06:46:49

Unwanted ads on the site, how to remove?

Hello!
It all started with this An advertisement was attached to the site address, what is it?
Today I got into the admin panel and found links to casino ads in the Fresh WP-Super-Cached list. I disabled the plugins, nothing helped, there are a lot of these links. Tried to search in the code, got confused. Online services don't find anything.
I just needed to update the theme and I removed the inactive plugins and updated the theme.
Not long.
Reinstalled Wordpress and after that... The site had 2 entries, and now 3000 and from the bottom 2998 with all sorts of casino ads.
And now I go to watch the redirect from 404 pages and there are 2 links every minute, then a photo, then a post, then a page and everything with this advertisement.
Hair stood on end.
I google, but so far without success.
Maybe someone in this scale?

Answer the question

In order to leave comments, you need to log in

3 answer(s)
D
d-stream, 2021-06-13
@d-stream

Apparently, one of the holes in WordPress or plugins is being successfully exploited ... And you need to start with this. The first is to extinguish viruses, the second is to close the hole, and further on, as such, the fight against spam will dry up.

D
Developer, 2021-06-13
@samodum

All the problems are due to the fact that you have a website on HTTP.
Translate to HTTPS

M
mletov, 2021-06-13
@mletov

This happens in various CMS. You will not find it with a search, because most likely spam links are encrypted in base64. But you can search the files for the word "base64"
1) Update the CMS and plugins to the latest version
2) Check the site for viruses. This can be done by downloading the site to the local area and going through, for example, Avast, Kaspersky or Windows Defender. It is also sometimes possible to check directly on the server, for example, ISP Manager has a free version of ImunifyAV. It is advisable to check with several antiviruses, since not all files are always found.
3) Also, some viruses can be cut out by hand, many of them have very characteristic names like access0.php
4) Read in the CMS documentation what rights should be set on files and folders, maybe you have 777 thread somewhere.
5) If there are several sites on the server, then each folder with the site must have its own user, sometimes the virus crawls from neighboring sites, especially if the rights are 777.
6) Change the connection access to the database

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question