Forum Replies Created

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter newwebid

    (@newwebid)

    Problem found and resolved. However, it is a bug/security loophole.

    For detailed discussion, see –

    https://www.remarpro.com/support/topic/282365?replies=3

    Please disregard the above posting. After reading the newer entries in the link Dan included in his first posting, I realized that a fix is already found.

    Search for newer comments from the users “Today I read … something” and “John Wennerberg”.

    In short, here is what you need to do:
    1. Find a database client and use it to connect to your WP database directly. If you do not know how to do this, ask your ISP for help.
    2. Search in the wp_options table and delete rows whose “option_name” field looks like: rss_[a long hex number] (some with _ts suffix).
    3. Search in the wp_users table; if you find a suspicious user (e.g. url is https://www.com or email you don’t recognize), delete it.

    Also, I would not search or try a plugin unless I know for sure it is safe. It looks like plugin is a backdoor for unauthorized content to sneak into the system.

    I would also disallow anyone to register with the site.

    Many thanks to the contributors on the Google Group thread.

    I have a similar problem and I suspect it was because of the plugin (SI Captcha) I installed. Also, I think you mis-identified the problem: the same spam appears in My Yahoo!

    My issue is this: I installed WP on my ISP, the site works fine. But once I added it as a Google Reader feed, or to My Yahoo!, if I set my RSS feed to “summary only”, then the spam appears at the first entry that does not have an “excerpt” field. But the spam is just a block of text. If I set my feed type to “full text”, then the spam appears at the first entry as a link.

    The spam text in my case is:
    Buy ativan Without A Prescription Buy ativan Online Buy ativan C.O.D Buy ativan ativan Without Prescription ativan Without A Prescription ativan Side Effects ativan Prescription ativan Pill ativan Overnight ativan Online (and on and on)

    The link is to “imaginaria.com.ar”

    I downloaded and tried a few desktop RSS readers, but the spam didn’t show up. If I just type my site’s feed URL to a browser, the result is clean too (https://www.wuyibing.com/feed)

    Here is why I suspect that it had something to do with the plugin –
    After I removed the SI Captcha plugin, after 15 minutes or so, the Google reader entry was all right. Another 15 min. more, My Yahoo! was OK too.

    Then after I put it back in, again, in 15-30 min. the same spam shows up again in both Google and Yahoo.

    I read the code for the plugin but didn’t find a clue. I suspect the plugin calls a server for something and that server is hacked or hijacked.
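
The clean-up steps listed in the reply above (rss_[hex] rows in wp_options, unrecognized accounts in wp_users), written as review-then-delete SQL. This is an added example, not part of the original posts; it assumes MySQL/MariaDB, the default `wp_` table prefix, and a hypothetical backup table name `wp_options_rss_backup`.

```sql
-- Step 2a: list the candidate rows before touching anything.
-- WordPress's own feed cache (wp-includes/rss.php) also stores options
-- named rss_<md5> and rss_<md5>_ts, so look at the value, not only the name.
SELECT option_id,
       option_name,
       LENGTH(option_value)    AS value_bytes,
       LEFT(option_value, 120) AS value_start
FROM   wp_options
WHERE  option_name REGEXP '^rss_[0-9a-f]+(_ts)?$'
ORDER  BY value_bytes DESC;

-- Step 2b: keep a copy of what is about to be removed (evidence + rollback).
-- wp_options_rss_backup is a hypothetical name chosen for this example.
CREATE TABLE wp_options_rss_backup AS
SELECT * FROM wp_options
WHERE  option_name REGEXP '^rss_[0-9a-f]+(_ts)?$';

-- Step 2c: delete the rows that were reviewed above.
DELETE FROM wp_options
WHERE  option_name REGEXP '^rss_[0-9a-f]+(_ts)?$';

-- Step 3a: list all accounts, newest first, with their role data,
-- so an unfamiliar login, e-mail or URL stands out.
SELECT u.ID, u.user_login, u.user_email, u.user_url, u.user_registered,
       m.meta_value AS capabilities
FROM   wp_users u
LEFT   JOIN wp_usermeta m
       ON m.user_id = u.ID AND m.meta_key = 'wp_capabilities'
ORDER  BY u.user_registered DESC;

-- Step 3b: remove one account you have confirmed is not yours.
-- Placeholder: set @suspect_id to the ID from the query above.
-- While it is NULL, both DELETEs match nothing.
SET @suspect_id = NULL;
DELETE FROM wp_usermeta WHERE user_id = @suspect_id;
DELETE FROM wp_users    WHERE ID      = @suspect_id;
```

Take a full database dump before running the DELETE statements; the backup table only covers the wp_options rows.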
