Return to Support

Spam injected into functions.php

Home Forums Graphene WordPress theme Support Spam injected into functions.php

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #9054
    manicolaus
    Member

    About three months ago I reported that spam (in the form of a bunch of links to viagra sites and the like) had got injected into the graphene functions.php file. Today it happened again. I run the Wordfence plugin, which caught the discrepancy between my file and the genuine file in the WP repository. I also subscribe to sucuri.com, which flagged the spam and did a removal operation. Luckily this was caught and cleaned before the site was blacklisted anywhere. I have been using the graphene theme for a couple of years or more and like it a lot. I do wonder if there is a gap in it somewhere that allows spammers to inject their junk into its code. Then again the gap might be in some totally different plugin. If anyone has helpful thoughts about this I’d appreciate it.

    #42672
    Skivey
    Member

    do you have the permissions set correctly on the files?

    This is a host problem surely?

    #42673

    I doubt very seriously that it’s a theme bug, or more of us would have this problem. This is most likely the result of a bad plugin, edits made to WordPress or Graphene core files, a malicious hack, or poor security on the part of your host.

    You should be sure to read this page in the Codex:

    http://codex.wordpress.org/Hardening_WordPress

    Make sure that you are only using WordPress core, themes, or plugins that you get from WordPress itself. You can’t make any guarantees about things you get from other sites, even if you pay for them.

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.