Announcement

 

Pages: 1

#1 2016-08-16 17:19:59

helmuc
Member
Maidstone, UK
2013-05-23
73

Please help me to clean my piwigo site

Hi, my piwigo site was infected long time ago (can't remember the name of the plugin) and after that appears in the eyes of Google as related to sales of cialis, -//:---\spam and other sh**.

I believe that just because of that I can't get any search traffic as google most probably think that the site is infected.

I keep seeing charts like this in search console, just the names of drugs change all the time:
http://content.screencast.com/users/helmuc/folders/Jing/media/ff797453-dd59-4b94-992d-f2ae66a8049a/search-console.png

ok, so today it is some "metronidazole 400mg"

went to google and run this search to check it and voila:
http://content.screencast.com/users/helmuc/folders/Jing/media/4565d9df-bab8-439f-9dfd-73b5365845af/2016-08-16_1604.png

but, when you go into source code - the meds are not there at all.. the site seems to be clean:
http://content.screencast.com/users/helmuc/folders/Jing/media/22623753-e86b-4e3a-952a-52408d6bc108/metro.png

and

http://content.screencast.com/users/helmuc/folders/Jing/media/ad34aefc-00fe-4eb3-824d-831be21f70f2/viagr.png

---------

yes, I love piwigo and few of my loyal users are used to it as well, but I will most definitely move over to a different place if I am unable to clean up the site.. I have posted my issue couple of times before, but the problem stays unsolved.

Please help me to stay with piwigo.. :/

Thank you
Helmuts

Piwigo version: 2.8.2
PHP version: 5.5.38
MySQL version: 5.6.31
Piwigo URL: http://www.artforweb.co.uk

https://photos.summit.london/

Offline

 

#2 2016-08-16 20:22:31

helmuc
Member
Maidstone, UK
2013-05-23
73

Re: Please help me to clean my piwigo site

hmm.. finally I know where to look into :)

posted a similar thread at reddit and the people over there actually told me where to look into: https://www.reddit.com/r/bigseo/comment … ghts_on_a/

--------

Helmuts

https://photos.summit.london/

Offline

 

#3 2016-08-16 21:55:20

helmuc
Member
Maidstone, UK
2013-05-23
73

Re: Please help me to clean my piwigo site

scanned db after the kw "metronidazole" and found following thing:

http://content.screencast.com/users/helmuc/folders/Jing/media/a010eb35-6979-4854-9881-20afbfc3a96c/2016-08-16_2051.png

then:
http://content.screencast.com/users/helmuc/folders/Jing/media/feec4724-bf50-4b1b-b39a-f352e4dc375c/2016-08-16_2105.png

details:

Code:

SELECT * 
FROM  `information_schema`.`PROCESSLIST` 
WHERE (
CONVERT(  `ID` 
USING utf8 ) LIKE  '%metronidazole%'
OR CONVERT(  `USER` 
USING utf8 ) LIKE  '%metronidazole%'
OR CONVERT(  `HOST` 
USING utf8 ) LIKE  '%metronidazole%'
OR CONVERT(  `DB` 
USING utf8 ) LIKE  '%metronidazole%'
OR CONVERT(  `COMMAND` 
USING utf8 ) LIKE  '%metronidazole%'
OR CONVERT(  `TIME` 
USING utf8 ) LIKE  '%metronidazole%'
OR CONVERT(  `STATE` 
USING utf8 ) LIKE  '%metronidazole%'
OR CONVERT(  `INFO` 
USING utf8 ) LIKE  '%metronidazole%'
)
LIMIT 0 , 30

-----------

dear piwigo developers > what could you suggest me?

huge thank you in advance,
Helmuts

Last edited by helmuc (2016-08-16 22:06:55)

https://photos.summit.london/

Offline

 

#4 2016-08-18 17:51:55

helmuc
Member
Maidstone, UK
2013-05-23
73

Re: Please help me to clean my piwigo site

can anybody from the support comment here, please? thank you.

.. even 2 lines will do the job.
H

https://photos.summit.london/

Offline

 

#5 2016-08-19 09:45:52

teekay
Member
2013-06-12
427

Re: Please help me to clean my piwigo site

Uhm, the information_schema.processlist table lists mysql processes.
So, if you execute a query you will find it in the processlist, of course.
That means: your search on "metronidazole" executes a select on processlist, which just finds itself.

As long the result is 1 and the only match is in the information_schema.processlist, it didn't find any match in any table. All is good.

Offline

 

#6 2016-08-19 10:03:07

teekay
Member
2013-06-12
427

Re: Please help me to clean my piwigo site

I checked the google results for your site. There are some URIs like "/index.php?p=inderal-5mg" that directly redirect to some online pharmacy. And it's still working.

It "looks" like Piwigo's index.php is doing the redirect, but I suspect this to be more like a .htaccess hack.
Please check for a .htaccess file in your Piwigo installation folder.

Check your webserver access logs for GET requests on php files that are not part of the Piwigo installation.

Some notes on such redirect hacks: https://aw-snap.info/articles/redirects.php

Last edited by teekay (2016-08-19 10:32:47)

Offline

 

#7 2016-08-22 21:33:02

helmuc
Member
Maidstone, UK
2013-05-23
73

Re: Please help me to clean my piwigo site

teekay wrote:

I checked the google results for your site. There are some URIs like "/index.php?p=inderal-5mg" that directly redirect to some online pharmacy. And it's still working.

It "looks" like Piwigo's index.php is doing the redirect, but I suspect this to be more like a .htaccess hack.
Please check for a .htaccess file in your Piwigo installation folder.

Check your webserver access logs for GET requests on php files that are not part of the Piwigo installation.

Some notes on such redirect hacks: https://aw-snap.info/articles/redirects.php

Thank you - will check that. Helmuts

https://photos.summit.london/

Offline

 

Pages: 1

 

Board footer

Powered by FluxBB

github twitter newsletter Donate Piwigo.org © 2002-2024 · Contact