I’ve got an issue with a client’s website that was hacked a couple of months ago. Part of the hack is that it creates fake Google results for downloading music, to various fake URLs on the site.
I’ve gone through and updated everything I can think of, got rid of unnecessary plugins and themes on the WordPress site, but I still keep seeing these links pop when I search Google.
I’ve been going through and submitting them individually to Google to have them removed through the Webmaster Tools, but I’ve got to find a way to plug the hole and make it stop. Has anyone had this before and have a good solution for how they fixed it? Thanks in advance!
I had a similar issue on my website. If it’s the same, the hacker did not submit links to Google per se, they put the extra files on your web server and Google just stumbled upon them.
Manually Fix – Log in via Secure FTP (or plain FTP if you must) and manually delete all the non-WordPress files. They’re most likely just in the root directory, but occasionally there’s also folders and subfolders of the junk. They’re probably a mix of HTML & PHP files mostly.
Download the newest version of WordPress and compare it to your server to ensure you don’t accidentally delete any essential files.
Next part is a bit harder and that’s to make sure non of the core files have been modified. You should probably just override the current version with your freshly downloaded copy, but if you want to do it manually I’ve found that the modifications generally are at the first or last line of any
index.phpfile – it’ll be a super long section of base64 encoded garbage. Not exclusively though so it takes a while to pin point all of the possible issues.Alternatively, backup your theme files, take note of all plugins, take note of the database login details in
wp-config.php, then trash all the website files and re-upload WordPress, updatewp-config.phpwith the database details, upload your theme and fresh copies of all plugins. Your database will still be set up so you shouldn’t need to worry about losing data (may want to back up anyways).Always then ensure WordPress & all plugins are up to date and update WordPress, FTP & any other server access passwords to something secure.