
How to fix WordPress website if it says hacked by dr.m1st3r

Recently on a client site, some of the pages were suddenly hacked by dr.m1st3r and that happened in the blink of an eye, as I was working on localhost after transferring the site from live.

I googled and came across an article, https://thepersonalblog.com/sites-hacked-by-dr-mister-dr-m1st3r/, which saved me from more research about how to fix this hack. The point “[New!] Easier Fix For Hack” from that article worked for me: the malicious code was JavaScript and was inside a widget on the backend, like the screenshot below.

The whole article is reproduced here for reference:

Sites Hacked By Dr Mister (dr.m1st3r)

Just got off the Grand Canyon (16 day river trip) and I knew there would be much shit to deal with when I return back into society. The one thing I wasn’t ready for was having to deal with hacked sites. The sites that got hacked weren’t major sites, and not the sites that really get me paid (thank god, I don’t want tanked SEO!) but it’s a major inconvenience just the same. Luckily none of my clients’ sites were hacked either.

Only Sites On A2 Hosting Were Hacked

I don’t know how relevant this is, but it was only my sites hosted on A2 Hosting that were affected. None of my sites on HostGator were hacked. This might be a coincidence, but it makes me wonder if either A2 Hosting was being targeted, or if there’s a vulnerability with the solution. I only recently switched to A2 Hosting after the “#HostgatorDown” incident, where basically all the HostGator reseller plans had gone offline. After this event (and the serious lack of concern from the support ticket I created) I’m 99% sure I’m going to be switching over to SiteGround, which is EIG free (never go with an Endurance International Group company) and has come highly recommended by some local web developers that I highly trust.

All Hacked Sites Were WordPress Sites

I don’t know if there’s a vulnerability in the WordPress platform that the hacker managed to exploit or not. It might just be a coincidence and if the site was html, php or a different CMS, who knows whether they’d also be hacked, or if it would have only been the WordPress sites.

Softaculous Causing Security Risks?

These WordPress sites were also all created using Softaculous. Softaculous is an auto-installer for WordPress. Doing some Googling, it appears that software installers might be capable of creating security risks. It’s worth mentioning, and I highly doubt I’ll ever do any WordPress installs outside of manual installs again. Not saying this is for sure why this happened, but it’s at least worth pondering.

About The Hack

Only the sites that were upgraded to the latest version of WordPress were “100% affected”. The other sites just had some funkiness to them. The latest WordPress sites would display nothing but a link to Dr. Mister’s Facebook page (fb.com/dr.m1st3r). The ones that weren’t updated to the fullest version had some funkiness, such as messed up widget areas, a modified site-name that seemed to be a piece of broken code and other quirks. I updated one site to the latest WordPress version, hoping it’d replace the core files necessary to fix the quirks. As soon as I updated to version 4.2.1, the site was suddenly displaying nothing but the “fb.com/dr.m1st3r”.

Was The Attack Targeted / Malicious?

I’m hoping the attack wasn’t directed at me and malicious in nature. I’m assuming if Dr. Mister was targeting me specifically, all my sites would be #TangoDown. I’m assuming that it’s a random thing and I’m willing to assume many sites outside of mine were affected as well.

[New!] Easier Fix For Hack

Turns out it’s some malicious code inside of a widget. Deleting that widget will solve the issue. Note: Taking the widget out of an active widget space isn’t enough! In order for this to work you must delete the widget completely.

How To Fix The WordPress Hack

The hack wasn’t that difficult to recover from. The key part is making sure you don’t lose content. Here are the steps I took to fix the hack:

  1. Zip / download the “wordpress-content” file – This is the file that contains all themes, plugins and file uploads. It’s very important to maintain this, as if it’s overwritten, you’ll lose all your uploaded content.
  2. Export WordPress XML file – place the “/wp-admin/” into your admin bar and you’ll still be able to access the admin dashboard. Export the WordPress XML file.
  3. Reinstall WordPress – I originally tried tinkering with replacing individual PHP files to try to figure out what file was causing the “fb.com/dr.m1st3r”. Eventually I just said screw it, cause I knew this method would work as well. Requires tinkering with some site settings again, but it’s kind of whatever.
  4. Replace “wp-admin” folder – Replace the “wp-admin” folder from the new install with the previous one. I did this prior to uploading the WordPress folder to my site, but it can be replaced afterwards as well.
  5. Create new database – I didn’t know if it could have been an SQL hack or not, but I figured I’d be safe and create a new SQL database. This might not be required, but it was simple enough that I just did it.
  6. Import WordPress XML file – This will upload all your content.
  7. Tweak WordPress settings – You’ll have to retweak all the settings such as widget, site name, permalinks, etc. This was the most annoying part.
  8. Run a broken link check – There are multiple WordPress plugins that can do this. I was using a 301 redirect plugin on one site and lost all my 301s. The broken link checker helped me find and recover this.
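The widget check from “[New!] Easier Fix For Hack” above, as an added example that is not part of either article: WordPress keeps widget settings as PHP-serialized values in options named widget_*, and a widget moved out of a sidebar keeps its entry there, so the scan reads every stored instance whether or not it is placed. It assumes the rows were exported from the options table (wp_options with the default prefix); the function names, the pattern list and the sample rows are constructed for illustration.

```python
import re

# Markers of executable JavaScript in stored widget content (a starting set, not exhaustive).
SUSPICIOUS = re.compile(
    rb"<\s*script\b|javascript\s*:|\bon(?:error|load|click)\s*=|"
    rb"document\.write|\beval\s*\(",
    re.IGNORECASE,
)
STRING_HEADER = re.compile(rb's:(\d+):"')

def serialized_strings(blob):
    """Yield each string in a PHP-serialized blob: s:<byte length>:"<bytes>";"""
    pos = 0
    while (m := STRING_HEADER.search(blob, pos)):
        start, end = m.end(), m.end() + int(m.group(1))
        if blob[end:end + 2] == b'";':   # declared length lands on the terminator
            yield blob[start:end]
            pos = end + 2
        else:                            # looked like a header but was not one
            pos = m.end()

def find_script_widgets(rows):
    """rows: (option_name, option_value) pairs exported from the options table."""
    hits = []
    for name, value in rows:
        if not name.startswith("widget_"):
            continue
        for s in serialized_strings(value.encode("utf-8")):
            if SUSPICIOUS.search(s):
                hits.append((name, s.decode("utf-8", "replace")))
    return hits

def php_str(text):
    """Serialize one string the way PHP does (length counted in bytes)."""
    return 's:%d:"%s";' % (len(text.encode("utf-8")), text)

# Constructed sample rows, not taken from a real site.
INJECTED = "<script>/* constructed placeholder for injected code */</script>"
SAMPLE_ROWS = [
    ("widget_text", "a:2:{i:2;a:2:{" + php_str("title") + php_str("")
     + php_str("text") + php_str(INJECTED) + "}" + php_str("_multiwidget") + "i:1;}"),
    ("widget_search", "a:2:{i:2;a:1:{" + php_str("title") + php_str("Search")
     + "}" + php_str("_multiwidget") + "i:1;}"),
    ("blogname", "My Site"),
]
```

Calling find_script_widgets(SAMPLE_ROWS) reports only the widget_text instance; a hit names the option to inspect, and the widget itself is then deleted from the Widgets screen as the article describes.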

A lot of pages with Japanese content are indexed in Google but when I go there it says page not found

I answered a question on support.google.com/webmasters/; I think this answer will help.

I am facing the same issue. I fixed the site, so maybe Google will re-crawl it and correct the URLs in its search results. I fixed the site 2 days back, but I am still seeing Japanese text in the Google search results, just like yours.

How I fixed the site:

Somehow the site was hacked, so I worked on making the site clean, so by default Google will see the clean site now. It is probably the sitemap Google is getting from your site, and the hacker hacked the sitemap, so I cleaned the sitemap; I use Yoast SEO. You can check your sitemap; I guess you will find those unknown links in the sitemap as well.

1) Use security plugins to check the site. In my case it was most probably the WordPress core files that were affected, so it is a bit easier to find the hack code by comparing against a clean WordPress installation. The security plugin will point out the hack code; replace those files and check the site.

2) After cleaning the site, check whether the sitemap is clean as expected. If not, take a backup of the site using the all-in-one migration plugin, install the backup on another hosting account, and check the site again with a security plugin and the Yoast SEO sitemap.

I did the above steps and found that my sitemap is clean and all the unknown links are gone. So I hope Google will delete those 404 links from Google search and re-crawl my site.

Security plugin used to check affected files:
Sucuri Security – Auditing, Malware Scanner and Security Hardening

Bonus: make the site’s security very, very tight so no one can change or write to files and directories, to avoid a future hack. Whenever you see errors in Search Console, re-check your sitemap to see whether the site has been hacked again. I have been checking daily since the hack; I hope this process will work.
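The sitemap re-check described in this post, as an added example that is not the poster's own code: it lists sitemap entries that point at another host or are missing from a known-good URL list. The known-good list (for instance, permalinks saved while the site was clean), the function names and the sample sitemap on example.com are assumptions.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"sm": "http://www.sitemaps.org/schemas/sitemap/0.9"}


def sitemap_locs(xml_text):
    """Return every <loc> from a urlset or a sitemapindex document."""
    # The file comes from a site that was compromised: treat it as untrusted
    # input (defusedxml offers a hardened drop-in for this parser).
    root = ET.fromstring(xml_text)
    return [loc.text.strip() for loc in root.iterfind(".//sm:loc", NS) if loc.text]


def unknown_sitemap_urls(xml_text, site_host, known_urls):
    """Flag entries on another host or absent from the known-good list."""
    known = {u.rstrip("/") for u in known_urls}
    findings = []
    for url in sitemap_locs(xml_text):
        host = (urlsplit(url).hostname or "").lower()
        if host != site_host.lower():
            findings.append((url, "foreign host"))
        elif url.rstrip("/") not in known:
            findings.append((url, "not in known-good list"))
    return findings


# Constructed sample: two real pages plus two injected entries.
SAMPLE_SITEMAP = """<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
  <url><loc>https://example.com/</loc></url>
  <url><loc>https://example.com/about/</loc></url>
  <url><loc>https://example.com/xk29/8841.html</loc></url>
  <url><loc>https://shop.example.net/item?id=77</loc></url>
</urlset>"""
KNOWN_GOOD = ["https://example.com/", "https://example.com/about"]

if __name__ == "__main__":
    for url, reason in unknown_sitemap_urls(SAMPLE_SITEMAP, "example.com", KNOWN_GOOD):
        print(f"{reason}: {url}")
```

An empty result on the daily check means the sitemap still matches the clean state; any finding is a reason to rescan the site files before Google crawls the new entries.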

Awesome BEAUTIFUL Glyphicons Icons for your next project

What are Glyphicons?

Glyphs are nonverbal symbols and have been used in human communication since the beginning of mankind. Each picture/sign represents a word, and together they form a universal language which is comprehensible to all people in the world.

Glyphicons are icon fonts which are used in web development. Glyphicons Halflings are not free and require licensing; however their creator has made them available for Bootstrap projects free of cost.

Icons are very important, though, and having to manually integrate external packs can be a confusing and daunting task for beginners. That is why we have written this article to make it easier to integrate and use Glyphicons and its alternatives.

How to use Glyphicons

Unlike its alternatives, Glyphicons is integrated with Bootstrap version 3 upwards. Therefore, you do not have to download the pack separately.

Where to find Glyphicons?

Glyphicons can be found within the fonts folder inside the bootstrap folder. It contains the following files:

  • Glyphicons-halflings-regular.eot
  • Glyphicons-halflings-regular.svg
  • Glyphicons-halflings-regular.ttf
  • Glyphicons-halflings-regular.woff

The associated CSS rules are in the bootstrap.css and bootstrap.min.css files, within the css folder of the destination folder.

All icons in the pack require a base class and individual icon class. To use, place the following code just about anywhere. Ensure you leave a space between the icon and text for proper padding.

Do’s and Don’ts

Only for use on empty elements: Icon classes should only be used on elements that contain no text content and have no child elements.

Don’t mix with other components: Icon classes cannot be directly combined with other components. They should not be used along with other classes on the same element. Instead, add a nested <span> and apply the icon classes to the <span>.

Changing the icon font location

Bootstrap assumes icon font files will be located in the .../fonts/ directory, relative to the compiled CSS files. Moving or renaming those font files means updating the CSS in one of three ways:

  • Change the @icon-font-path and/or @icon-font-name variables in the source Less files.
  • Utilize the relative URLs option provided by the Less compiler.
  • Change the url() paths in the compiled CSS.

Use whatever option best suits your specific development setup.

Accessible icons

Modern versions of assistive technologies will announce CSS generated content, as well as specific Unicode characters. To avoid unintended and confusing output in screen readers (particularly when icons are used purely for decoration), we hide them with the aria-hidden="true" attribute.

If you’re using an icon to convey meaning (rather than only as a decorative element), ensure that this meaning is also conveyed to assistive technologies – for instance, include additional content, visually hidden with the .sr-only class.

If you’re creating controls with no other text (such as a <button> that only contains an icon), you should always provide alternative content to identify the purpose of the control, so that it will make sense to users of assistive technologies. In this case, you could add an aria-label attribute on the control itself.

<span class="glyphicon glyphicon-search" aria-hidden="true"></span>

Examples:

<p>
  <button type="button" class="btn btn-default">
    <span class="glyphicon glyphicon-sort-by-attributes"></span>
  </button>
  <button type="button" class="btn btn-default">
    <span class="glyphicon glyphicon-sort-by-attributes-alt"></span>
  </button>
  <button type="button" class="btn btn-default">
    <span class="glyphicon glyphicon-sort-by-order"></span>
  </button>
  <button type="button" class="btn btn-default">
    <span class="glyphicon glyphicon-sort-by-order-alt"></span>
  </button>
</p>

<button type="button" class="btn btn-default btn-lg">
  <span class="glyphicon glyphicon-user"></span> User
</button>

<button type="button" class="btn btn-default btn-sm">
  <span class="glyphicon glyphicon-user"></span> User
</button>

<button type="button" class="btn btn-default btn-xs">
  <span class="glyphicon glyphicon-user"></span> User
</button>

Note: Leave a space between the icon and text for proper padding.


Alternatives to Glyphicons and how to integrate them

Font Awesome has been the most used icon pack in the developer community for a while now. The pack features more than 600 beautiful vector icons, giving you full CSS control over how you use them.

This completely free icon library is constantly being updated with new icons and is very easy to integrate; all you have to do is add their CSS to your website.

Step 1: Insert the CDN link directly in the <head> of your HTML file using the line:

<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">

Or download Font Awesome (https://fortawesome.github.io/Font-Awesome/assets/font-awesome-4.5.0.zip) manually to your own server.

Step 2: After integrating the Font Awesome library, you can add any of the package’s icons anywhere you want on your page by using the <span> tag and the fa CSS prefix.

You can find the Font Awesome list here (specific CSS classes included) – (https://fortawesome.github.io/Font-Awesome/cheatsheet/)

For example:

<span class="fa fa-ambulance red-icon"></span> fa-ambulance would add the ambulance icon.

After which you can edit your new ambulance icon in any way you want.

To change the sizes, you can use the fa-2x, fa-3x, fa-4x or fa-5x classes.

<span class="fa fa-ambulance fa-2x red-icon"></span> fa-ambulance with fa-2x would create a double-sized ambulance icon.

Changing your new icon’s color is very easy. In the CSS file, include something like:

.red-icon {
  color: red;
}

Another alternative to Glyphicons is Typicons.

The Typicons icon pack contains 336 fully customizable vectors free to use in all your web applications.

Installing Typicons is just as easy as installing Font Awesome:

Step 1: Download the Typicons icons here – (https://github.com/stephenhutchings/typicons.font).

Step 2: Reference the CSS file “typicons.min.css” in the <head> of your HTML file.

<link rel="stylesheet" href="folderlocation/src/font/typicons.min.css" />

Step 3: Include the icons in your website using the simple <span> tag followed by “typcn typcn-classname”.

You can find all the icons and their class names here – (http://www.typicons.com/).

Example: <span class="typcn typcn-coffee green-icon"></span> would add the coffee icon.