Seonix Wordpress hack and the tool that fixed it in 5 minutes
shoemoney
·
·
2 min read
This morning I recieved a VERY disturbing email from one of our readers:
I selected all the posts and hit remove all:
Then you can see the results, see previous and current, and even revert all or certain changes.
On Tue, Apr 3, 2012 at 5:56 AM, Jorg Ruis Hi Jeremy, Tried to contact you Twitter and your contact form several times. Last week Thursday I discovered that someone got in to our backend and submitted quite some links (124 posts to be exact) to seonix.org. He also changed some of the canonicals of posts. I looked up which other domains were linking to him and I see quite some pages from you guys popping up like this one www.shoemoney.com/2008/11/04/making-money-with-local-affiliate-programs (chick the link at 'affiliate marketing'). He also got to VentureBeat, Crunchbase, W3-edge.com and some others. All the best, Jorg RuisFirst and foremost I want to thank Jorg for taking time out to email us. Some of these are years old. I looked at the post he mentioned then started going through the revisions of the post. It was easy to pinpoint what administrative users account had been comprimised. It was a former employee who had not been on our staff for 2 years. I searched then site wide and found 36 posts had the links to seonix.com with various keywords as anchor, title, and alt text. Now I could go through manually and change every one... but some had multiple links per post (average of 2 per post). But instead I used our awesome seo mass link wordpress plugin Using this tool I easily found all the links:
I selected all the posts and hit remove all:
Then you can see the results, see previous and current, and even revert all or certain changes.