Viewing 8 replies - 1 through 8 (of 8 total)
  • It would appear that your blog has been hacked. If you look at the source code for your blog, you’ll see many links to various sites. These are enclosed in a tag:
    <font style='position: absolute;overflow: hidden;height: 0;width: 0'>
    that is hiding that text so it doesn’t appear on your blog.

    It’s hard to say where this got inserted, I think I would start by looking in index.php to see if there is code in there that is retrieving these links.

    Thread Starter carlmercurio

    (@carlmercurio)

    Thank you mechx1.

    Unfortunately, this is way beyond my coding knowledge and capacity to fix. I guess I’ll start by trying to figure out what index.php is and how to get into it.

    Thanks again.

    Carl

    Carl, you also need to try to find out how they got in. your admin user name and password may have been compromised. You should certainly consider changing your admin password immediatly, and choose a strong passowrd of at least six random characters that is hard to guess. There are articles in the CODEX and other places that address WordPress security which will help you harden your installation. Many of the things you can do don’t require any coding.

    The file I am talking about is in your theme, and it appears that you are using the Default theme. You can log in to admin and use your Theme Editor (Under Design) to look at the code. If you prefer to pull down a copy with FTP and look at it, it should be at:
    wp-content/themes/default/index.php

    If you have not made any modifications to the Default theme, you might be able to get rid of the hack by re-loading the theme.

    Good luck with this.

    Thread Starter carlmercurio

    (@carlmercurio)

    Thanks again. I’ve changed my password.

    I also tried reloading the default template, but it didn’t fix the problem.

    I don’t see anything resembling the “hack” in the Theme Editor. I’ll try looking elsewhere. Maybe in my posts?

    Also, I’ll contact WordPress Security.

    Thanks again,
    Carl

    Thread Starter carlmercurio

    (@carlmercurio)

    Mechx1,

    I found the hack. It was in header.php. Can I just erase the code in there and hit update file?

    Thanks,
    Carl

    I can’t really answer this, are you quite sure that it is a hack? If you do this, be very sure that you can replace that code if it turns out to be legitimate and your blog needs it.

    Just download the theme and upload header.php again. That way, you’ll know that you didn’t delete anything important.

    Thread Starter carlmercurio

    (@carlmercurio)

    I decided to go ahead and delete the code that appeared to be the “hacker” entry. That fixed everything! Thanks, you guys rock.

    Carl

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘HTML Validation Issue’ is closed to new replies.