Malicious-like query bring my WP site down

  • I have this query that is bringing my website to it’s knees. I started seeing it yesterday. I have no idea where it originates from. I definitely do not have that sort of a query in my theme. I use a few plugins as I prefer to write my own. At first I thought we were been injected in the search box, I hard search.php. The query kept popping. Then I disable SEO sitemaps. The query kept popping. Now I don’t know where to look. Have we been compromised in some way? What is going on?

    Does anyone have an idea where this sort of query could be originating from?

    SELECT SQL_CALC_FOUND_ROWS  wp_posts.ID FROM wp_posts  WHERE 1=1  AND (((wp_posts.post_title LIKE '%community%') OR (wp_posts.post_content LIKE '%community%')) AND ((wp_posts.post_title LIKE '%development%') OR (wp_posts.post_content LIKE '%development%')))  AND (wp_posts.post_password = '')  AND wp_posts.post_type IN ('post', 'page', 'attachment', 'afp_feed_article', 'byline_bio_box', 'network_news', 'weather', 'event', 'tweet_of_the_day', 'video_of_the_day', 'cxt_site_poll', 'cxt_daily_cartoon', 'citizen_gallery', 'phakaaathi_log', 'phakaaathi_video', 'phakaaathi_gallery', 'phakaathi_mmedia', 'multimedia', 'fixtures_results') AND (wp_posts.post_status = 'publish')  ORDER BY (CASE WHEN wp_posts.post_title LIKE '%community development %' THEN 1 WHEN wp_posts.post_title LIKE '%community%' AND wp_posts.post_title LIKE '%development%' THEN 2 WHEN wp_posts.post_title LIKE '%community%' OR wp_posts.post_title LIKE '%development%' THEN 3 WHEN wp_posts.post_content LIKE '%community development %' THEN 4 ELSE 5 END), wp_posts.post_date DESC LIMIT 0, 10;

SELECT post_modified_gmt FROM wp_posts WHERE post_status = 'publish' AND post_type IN ('post', 'page', 'attachment', 'afp_feed_article', 'byline_bio_box', 'network_news', 'weather', 'event', 'tweet_of_the_day', 'video_of_the_day', 'cxt_site_poll', 'cxt_daily_cartoon', 'citizen_gallery', 'phakaaathi_log', 'phakaaathi_video', 'phakaaathi_gallery', 'phakaathi_mmedia', 'multimedia', 'fixtures_results') ORDER BY post_modified_gmt DESC LIMIT 1;

    ‘afp_feed_article’, ‘byline_bio_box’, ‘network_news’, ‘weather’, ‘event’, ‘tweet_of_the_day’, ‘video_of_the_day’, ‘cxt_site_poll’, ‘cxt_daily_cartoon’, ‘citizen_gallery’, ‘phakaaathi_log’, ‘phakaaathi_video’, ‘phakaaathi_gallery’, ‘phakaathi_mmedia’, ‘multimedia’, ‘fixtures_results’ are my custom post types.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter kirsten-SAdev

    (@kirsten-sadev)

    I must add that the words/phrases been searched for in the query keep changing. It will be “community”, then a celebrity nae, then a football club, etc.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    ?????? Advisor and Activist

    Turn off ALL the plugins, even the ones you made, and see if it stops. Then turn them on, one at a time. Standard debugging, basically.

    Suggest that you install “All in one WordPress security”, it has an option to change the table prefix, yours at the moment is wp_ which is begging for trouble. If these queries then change, then your problem is within the fence.
    What do your website logs say ?

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Malicious-like query bring my WP site down’ is closed to new replies.