There’s been a scary increase in Text Link Injection attacks on blogs. Blogs usually rank well for Google, but what happens with these attacks is that spammers hack into your blog, and put hidden links into popular posts. You can’t see these links, but Google can. Thus passing on rank authority. It’s – to coin a phrase – pretty fucking sneaky.

Hopefully, with the new version of WordPress the exploit has been fixed. However, if you do a standard upgrade, then you probably will have remnants of the old version on your system.

But these links are bloody difficult to find, so before you take drastic action, here’s how to find them.

mysqldbicon.jpg1. Open Up Your Blog Database

The quickest and easiest way of finding these links in not through WordPress, but looking at your database to begin with. To do this, you’d need to go to your website back end. In your browser, type in (usually works, if you have cpanel), then click on “MySQL Databases”, scroll to the bottom and click “phpmyadmin”. From there, select your database.

2. Check For Results

These links are hidden with a piece of css scripting, thankfully they’re easy to find. Click on the SQL tab along the top, and type in this:

FROM `wp_posts`
WHERE `post_content` LIKE CONVERT( _utf8 '%display:none%'
USING latin1 )
COLLATE latin1_swedish_ci
LIMIT 0 , 30

If you have changed your table prefix, replace wp_ with whatever you named it. If you get no results, congratulations! Your blog hasn’t been attacked. But if you get them, use phpmyadmin’s text editor to remove the offending code.

3. Protect Yourself

I could explain this, but I think Shoemoney did a good enough job here.

And That’s It!

Hurrah! You are now guarded against Text Link Injection attacks. See, this blog can be useful sometimes.

I’m sure some l33t php ninja out there would find a better method, if so, leave it in the comments!

Tags: , , | Comments: 1 Comment


Related Posts

    Fatal error: Call to undefined function related_posts() in /home/gospelrh/public_html/wp-content/themes/mergerofjuneandjuly/single.php on line 28