Site hacked, malicious output @ themeblvd_header_addon through dynamic_sidebar()
-
Topic
-
When not logged into http://www.skisawmill.com a link top left above the logo says “diflucan alcohol yeast” and links to a website. As soon as you log in the link goes away and will not come back until you clear your cache. I believe this is some kind of hack. How do i get rid or it? I can’t find it in the code anywhere.
-
Replies
-
Hello,
Yeah, in theory, the code could be anywhere. I don’t think their approach is hooking to our specific theme’s “themeblvd_header_addon” hook — I think their approach is a more general one where they’re taking advantage of the fact that a widget area is outputted there, and doing something with WP’s
dynamic_sidebar()function.I would suggest contacting your web host. Most likely the hacked code is hidden in some file and is encrypted. Your host can help you to identify where the code is and how this may be able to be prevented in the future.
If you’re looking for more troubleshooting you can do in the mean time, you can always do the obvious things —
Is the hacked code in a plugin? — Deactivate each plugin one-by-one checking to see if the problem goes away. Then, when it does, you should know which plugin contains the malicious code.
Is the hacked code in the theme? — Download the theme again from ThemeForest.net, and update all the theme files on your site through FTP. If the problem goes away, then you know it was previously in the theme.
If it’s not in a plugin and it’s not in the theme, things get trickier because it’s probably hidden somewhere in WordPress core, which means (1) you may have to re-install WordPress and (2) however it’s been hacked in there suggests a larger vulnerability with your site.
- The forum ‘Akita Responsive WordPress Theme’ is closed to new topics and replies.