Random Wordpress Posts Added to My Site

Joined
Jun 28, 2016
Messages
158
Likes
116
Degree
1
Does anyone have any experience of wordpress spam? I had my buddy he's pretty good, clean up my wordpress theme. But still I'm getting these random posts published on my site. Anyone have the same issue? And its only posts, not pages.
 
Have you checked all the users, especially those with publishing privileges? If you don't know them delete!
 
No one in the user role. An old "user role" plugin was installed ages ago I had on there. I deactivated the plugin the plugin and it just deleted itself. Usually its in the "Inactive" mode after it's deactivated, then gives you the option to delete the plugin. But this wasn't the case for this one. After it was deactivated it was just completely gone. Pretty weird. Anyways, changed the password. Still having issues. I'll have to get someone I guess to fix it. If anyone know anyone, let me know. Pay up.
 
Last edited:
Do the posts say who they were published by?

I'm no expert but someone should come along soon, if not try isithacked.com or sucuri.net
 
anonymous, i think. Just showed something blank. I forgot now, cause I already deleted the posts. Sucuri.net says it's fine. I'll wait for the next spam post to see the author
 
You've been hacked, likely through some dumb plugin you installed.

Delete all users you don't need. Change each existing user's password to something complex, long, and random.

Delete all the posts they added. Check Google's cache for a random selection of your pages to make sure they aren't cloaking in links that only googlebot can see.

Delete all extraneous plugins. There's probably a few you don't have to have. Update all remaining plugins and Wordpress itself.

Consider adding a 2nd layer login to your main login form on wp-login.php. Like receiving a pin in a text or email. Or even hide the entire /wp-admin/ behind a password using .htaccess

There's security plugins for the lazy or noobs that don't know how to handle these things.

If you have a backup of the site from before it was hacked, I'd roll back to that, re-post any content you posted since then, then do all of the above.
 
Just an FYI, once I saw a WordPress hack where admin control was given to users that did NOT show up in your user list inside the WordPress backend.

Basically the user was invisible if you simply looked inside the /wp-admin/ area to see users. I discovered the secret admin when posts kept showing up randomly. I went into MYSQL and bam some commentor was show how made an Admin yet they did not show up in the Admin/users/writers/contributors list.

So even if you delete a user through the WP admin you still need to check the users which have admin control through the database and fix things there.

Good luck bros!
 
Back