Wonky Site Goblins

So, you may have noticed as of late the site has been… uhh, let’s go with erratic. The basic story is this, and I’m typing this now under the assumption it may return to wonky goblin-fed shitmess in the next few hours —

So, a few months ago, the site went down a couple times. Just down. Gone. Erased. Brought from back up, fine. Updated everything, that stopped happening. Then it was replaced by a Chinese search engine. Replaced from backup, fixed again. Then, a couple week ago — ads started showing up on the site. Google ads.

First, found the ad code in widgets.

Deleted the code.

Ads went away.

Then, two days later, ads came back up, this time found that plugins had been installed without my permission — !! — and those plugins were creating widgets and using the code. Deleted plugins, shored up security.

Ads went away.

Two days later — ads were back. Took forever to find where they were — it was code in my theme. So I disabled that theme, went to the default theme annnd —

Ads went away.

Six hours later, they came back. And this time they were cascading through the backend of the site, and it became largely unusable. So, we shut down the site and applied new security protocols and here we are, once again, no ads.

No idea how long it lasts! So, I’m sending out this message in a bottle to update you. Still chasing down goblins in case. More as I know it! Apologies for chaos!

14 responses to “Wonky Site Goblins”

  1. Hopefully you’ve already changed your admin login password – note that often the first thing they do is create a different login so they have a backdoor. So, be sure to check for any additional admin logins that may have been created to get back in each time you fix things!

    Also, get a bottle of goblin-b-gon.

  2. Sympathies. One of those utterly frustrating expenditures of time. This is the modern world. Unsolicited: I’ve used WordFence(.com) with success. Even the free plugin. Optionally, the ‘help me with my hack’ service. Best regards.

  3. Genius you for finding where the problems were. I’m basically a Geek Squad girl, myself. I envy you the amount of money you save by doing it yourself.

  4. I get your newsletter, and, don’t know if this is happening because of your goblins, but my inbox shows that it is from The Newark Times ( which is the genuine address of an email I am subscribed to). I have a screen shot of your email but don’t know how to attach it to this comment.

  5. I second the suggestion of using Wordfence I use them and and they are very good. However, in your place, I’d also be looking at changing my hosting provider – all these hacks and code injections suggest a weakness in server security.

  6. If it helps, your account was highly entertaining. No, you’re right. It’s no comfort at all, is it? The only answer is to go full analogue. Handwritten newsletters, sent via snail mail. As Ripley says, “It’s the only way to be sure.”

Speak Your Mind, Word-Nerds

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: