Spamming in WordPress platform

Last modified: March 27, 2020
You are here:
Estimated reading time: 3 min

Spamming Issues in WordPress platform

How to find and fix spam script in wp themes and plugins

Be careful while selecting any free Premium WordPress Themes because the theme can be no doubt free but you don’t know if its spam- or script-free too. Else you too will have to invest your time in researching the reasons like me or recovering your losses due to these scam scripts. In most case spam scripts are always there if you get a premium theme or plugin from the internet for free.

So next time if you get any premium theme or plugins from the Internet for free make sure it is spam-, script-free, otherwise you have to pay much more than the original cost of the themes and plugins. As in the traditional way you check the theme with your anti-virus software and get a green signal “No Virus Detected”,  you stop here and get it, but the reality is some spam scripts are not detected by anti-virus, google webmaster tools or any WordPress security plugin.

Let me share my experience in brief. I got an amazing impressive theme used by labnol for free. And the offer for me no doubt was like a “BUMPER PRIZE” . I tested it with anti-virus and Google fetch and it showed no error and according to me I became a saver by saving $200. I was really happy with the theme and was using it over my official website. But after one month I realized that my traffic decreased by 80% !!! This was the time when I was to search for the reasons. Why is my traffic drowning with such a drastic rate… ?

What’s wrong with the world???

And after my research I found something that shocked me!!! Yes it really shocked me when realized that after few refresh my blog redirect to some others site. My website was being controlled by a scam script. But it was quite late for the losses that I bared. I lost my genuine organic traffic, business and of course the hard work that I invested. This spam script was in themes header file which redirects to other site. So I immediately removed this script and went back back to my twenty eleven theme.

This tutorial will tell you how to find and fix spam script in your theme or plugin. But with every loss you learn something. And no doubt I had lost my ranking but got some answers, and I think they can help my friends and readers. Why spam script was not detected by the anti-virus ??

 Types of spam scripts in themes and what they can do : Scam Script implementation can be done in several ways.

i.   Some spam scripts are placed inside the theme or plugin for traffic and back link .
ii.  Other scripts can take control of your site and these are more dangerous as it can destroy you website or blog. Two ways how hackers place these scam scripts:
i.  The hackers place spam scripts in either by javascript code or php code.
ii.   Common and interesting thing in both is that in both cases scripts are encrypted so you can not be sure what this code does?

Encrypted JavaScript spam script

Encrypted JavaScript spam script
Encrypted JavaScript spam script


Encrypted php spam script

Encrypted php spam script
Encrypted php spam script


How to find and remove spam script in WordPress themes and plugins?

Okay, we need an IDE you can choose Notepad++ , Edit plus or Eclipse.Whenever you download some suspicious themes or plugins extract them to your desktop and do the following steps:

  1. Open your IDE . I choose Notepad++ because its light .
  2. Go to search and click “Find in files” menu.
  3. Now Find in files Box will be open in Find What enter the keyword eval.
  4. Now choose your theme or plugin directory.
  5. Click on find all.
  6. If result comes click on the link in result bar. You will see the encrypted line.
  7. Now Remove it.
Follow the same steps for the keywords curl:

Curl is a computer software project providing a library and command-line tool for transferring data using various protocolscurl has no use in your WordPress theme. Although some SEO plugins use curl for making connection with a remote server.This method without a doubt will remove the encrypted script but my recommendation is that you use genuine plugins and themes. Hope this helped you solve the Spamming issues in WordPress CMS.Good Luck and have a nice day!

ATTENTION:  All WordPress platform users and administrators. Dear valued customers, Our security team found that there is a high number of cases reported on Spamming from WordPress platform users. After further investigation and analysis of the reported cases, they found that the spammer is targeting WordPress core files, which is “/wp-includes/” folder as well as others Core WP folder: “/wp-content” and “/wp-admin”. The best way is to remove all the existing files from the hosting space and download the latest version directly from WordPress website. It is not recommended to re-install using 3rd party client, such as Softaculous or RVSiteBuilder or any other similar applications.

Was this article helpful?
Dislike 0
Views: 26
Customer Services Contact

Need Help? Send a Ticket to our 24X7 Technical Support Team

Subscribe Newsletter

Subscribe to Casbay Newsletter for online tips, events and latest promotion !

Copyright © 2010 – 2021 Casbay Sdn. Bhd. (1042688-D). All Rights Reserved.

All Trademarks Are The Property of Their Respective Owner.