Hacked with Rogaine Ads on my WP
 

Hey guys.. I got the assy hidden multi ad hack done to my main URL for like the millionth time... my rankings have taken a shit.. usually I find it... and it's a faux footer piece of code..

This time it's appearing after the first blog post's title... and I can't seem to figure it out..

Would someone be willing to ICQ me and look at my site to tell me, por favor?

icq: 254-771-666

icq me 168048147

im available if needed

If it is on a dedicated server you may have a backdoor installed. Once a box gets hacked it is generally done for.

hope you get it resolved...

what hosting company? i've had that hack a couple times - not in a year or so though. i think they beefed up some security on my box.

Hey sorry went to bed last night and was out all day...

I'm with Phatservers... but it's only my main PSS URL... not any of my secondary or fetish phone sites...

Usually they hide it in the footer.. and I can fix it myself.. but I can't find it for the life of me in the post php..

thanks guys! I'll be ICQ tonight..

When I emailed Phatservers... they just told me I sent them a google cache... I'm like.. Duh.. Yes.. because the text only cache is the only place you can see it.. you can't see it on the live site version... because it's hidden... then they emailed me to tell me they're not seeing it at all... I was spidered last night just after I posted and thought I fixed it... and yup.. still there..

Does anyone know how to view a live page as a text only? like on google's cache when you click "text only"...
A program that does it.. or a setting in a browser?

View Page Source?

Its the same source google is reading.

For some reason thats not working.. when ya view page source it's not there...
But it is there on the cache'd google version.. Like 200+ Rogaine links...

and only after the title on the first post...

It's totally butt fucking me... normally I'm page 1.... top 5... and nada. :(

This will be my 5th google reconsideration plea in 8 months probably.... fuckers. I always bounce right back.. then they end up hacking again.. just this time it wasn't the faux footer php... it's something a little deeper.

lynx browser perhaps?

I once had my old wordpress script hacked/exploited twice in a row. There was about 100 lines of links added to my footer. Once i upgraded the WP version the problem stopped. You have to be careful with these things because it got my domain banned from google adsense.

JamesK fixed it for me :)
It was in the mysql... it was attached to the security plugin.. an encrypted file in there... inside of the database...

Thanks so much guys :)

I'm in 2.8.. so hopefully they can't get in with this.. I upgraded to 2.8 mid last week.. and the hack could've happened before that.. so hopefully, we'll see if this helps :)

JamesK is a God. :thumbsup:thumbsup:thumbsup:thumbsup:thumbsup

My pleasure and thanks for the generous tip :thumbsup

Well done James