Well, That Was Interesting - Egg on My Face

blog cover image
20
3K followers
Updated

So I happened to post a link on Facebook to an article I posted in response to someone having difficulty updating the firmware of a drone. The next morning I saw they replied asking if it was a joke and then pasting a screenshot of some other site asking for them to verify that they are 18 or older...

I immediately thought I was hacked and, in a way, I guess I was. The first thing I did was follow my own link and nothing unusual happened. I started refreshing the page, loading other posts and finally, after about the 4th or 5th try, I got it to come up.

This little "issue" was sneaky to say the least. It appears that the script that's run will randomly forward someone to it's site, but not always. This made it hard to really track down and identify.

What Happened?

Apparently a plugin I had installed added a script to 37 of the 41 posts, all 5 pages and 210 of the 227 images on my site. I'm still not 100% sure as to which plugin it was/ Maybe it was one I added to test out and deleted, but the damage had already been done, or maybe it was the Classic Editor I installed that SiteSupport removed during all of this. I don't think it was the Classic Editor because I have that on another site and nothing has happened there.

Is it Fixed?

Yes, I have removed the script from all affected locations. This took some time as it was pretty much a manual removal process and the script was in so many places.

What Was the Offending Code?

I am replacing the opening and closing characters with * so it will show up on this post for you to see: *script src="https://db.allyouwant.online/main.js" type='text/javascript'**/script*

At least it was added at the bottom of every page and post and in the description fields of all the images so it wasn't hidden somwhere in the middle and hard to find.

What's This About Egg On Your Face?

As this affected my visitors I decided to create a small post apologizing to anyone it may have affected and I posted it on all the usual social media sites I use. Yes, it might make me look a little bad but I'm hoping that the transparancy will a) show that the redirection was not intentional and b) show that I owned up to it and cleaned up the mess.

Conclusion

I'm posting this blog entry in case anyone else has had the odd redirect on their site and as a warning to double-check your posts, pages and images when you add new plugins.

Thank you,

Scott Hinkle

Login
Create Your Free Wealthy Affiliate Account Today!
icon
4-Steps to Success Class
icon
One Profit Ready Website
icon
Market Research & Analysis Tools
icon
Millionaire Mentorship
icon
Core “Business Start Up” Training

Recent Comments

12

Hey Scott, thanks for the heads up! I was actually wondering if this sort of thing was a risk worth developing a caution for. I know now that it is. Anyways I think it's great that you took the time to inform your site visitors of the security breach, it shows you have integrity and strong constitution of character. Great post! Thanks for sharing with us, I appreciate it.

It was a pain to track down but I wanted to share it here in case others had the same issue and I wanted to tell my visitors in case they were redirected. I wanted to make sure they knew it wasn't intentional. I hasn't happened now for quite some time so I think we got it.

Thanks for the heads up Scott.

Derek

Thank you for the info ,

Good to know -- who would've guessed?! ... actually for us techie novices -- maybe a 'diagnostique tool' would be helpful -- with all the intricacies today of websites, just wondering when something ails a website--how would we ever figure it out... can't exactly have it towed to the next closest garage to have it tuned up>.. :)

I think this is just another good reason to backup before adding any plugins. That way if one does mess it all up I can restore to a time just before adding it.

Wow, we appreciate your sharing this with us. We had no idea this could happen...
Colette and Philip

Thanks for the heads up on this plugin good to know

WHOA! I'm still so tech illiterate that I wouldn't have known what to do! Don't worry about the people...I think most of them understand. I mean how many of them could even build a page let alone fix a problem right?
Glad ya got it fixed!

Great information here, I had no idea this could happen. Thank you!

wow, great info. We all need to watch what we do on our sites since most of us don't really know anything about writing code. I am learning bits and pieces as I go, but unless someone told me there is a problem, I would never know.
Thanks for sharing this.
Jim

Thanks for commenting. I posted this here in hopes of preventing someone else from falling into this same trap and hopefully help them to resolve it if they do.

See more comments

Login
Create Your Free Wealthy Affiliate Account Today!
icon
4-Steps to Success Class
icon
One Profit Ready Website
icon
Market Research & Analysis Tools
icon
Millionaire Mentorship
icon
Core “Business Start Up” Training