enrii.blog

A passionate programmer's findings in the world of the internet.

Check If Your Blog Has Been XSS Hacked

Tuesday, June 17th, 2008

Matt Cutts mentioned an easy check to find out whether your blog or website has been hacked through cross-site scripting (XSS). Since this blog got hacked not long ago, I did the check.

All you have to do is to google for: "<your domain> <spam keyword>"

Alternatively, you could try: "site:<your domain> <spam keyword>". The site: operator restricts the results to pages on your own domain, so it gives fewer false positives than a plain search for the domain name.

I guess everybody knows which keywords most spammers use. A very obvious example would be "porn". So, I searched Google for "enrii.com porn". In the search results, I found that one of my pages links to a porn site. When I opened the page, I couldn't see the word.

Using Ctrl-F in Firefox, the word could be found, though it was not visible. Then I looked at the source (right-click > View Page Source) and found a long list of links after the blog content. The spammer hid the links with the following CSS:

position:absolute;overflow:hidden;height:1px;width:1px;

Obviously, it is done for the search engines, not for my visitors. I have removed it. You should do the same for your blog, and also try different keywords.
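Viewing the source by hand works for one page, but a blog has hundreds. The following is an added example (not code from the original post): a small scanner, using only the Python standard library, that flags every <a href> sitting inside an element whose inline style hides it from visitors. It recognises the 1px clipped box from the post and goes a little beyond it, also catching display:none, visibility:hidden and off-screen positioning, since spammers use all of these. The HTML sample is constructed for the demo; the spam.example URLs are placeholders.

```python
"""Flag links hidden from visitors by inline CSS (added example, not from the post)."""
import re
from html.parser import HTMLParser


def hiding_reason(style):
    """Return a short reason if this inline style hides content, else None."""
    s = re.sub(r"\s+", "", style.lower())
    if "display:none" in s:
        return "display:none"
    if "visibility:hidden" in s:
        return "visibility:hidden"
    if re.search(r"(?:left|top|text-indent):-\d{3,}px", s):
        return "positioned off-screen"
    # The trick from the post: a 1px by 1px box that clips everything inside it.
    # Anchoring on ';' or start/end avoids matching line-height or min-width.
    if ("overflow:hidden" in s
            and re.search(r"(?:^|;)height:[01]px(?:;|$)", s)
            and re.search(r"(?:^|;)width:[01]px(?:;|$)", s)):
        return "1px clipped box"
    return None


class HiddenLinkFinder(HTMLParser):
    """Track open elements and record links inside a hidden ancestor."""

    VOID = {"br", "img", "hr", "input", "meta", "link"}

    def __init__(self):
        super().__init__()
        self.stack = []          # (tag, hiding reason or None) for open elements
        self.hidden_links = []   # (href, reason)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        reason = hiding_reason(a.get("style") or "")
        if tag == "a" and a.get("href"):
            inherited = next((r for _, r in reversed(self.stack) if r), None)
            if reason or inherited:
                self.hidden_links.append((a["href"], reason or inherited))
        if tag not in self.VOID:
            self.stack.append((tag, reason))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag; tolerates sloppy markup.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break


def find_hidden_links(html):
    """Return [(href, reason)] for every link hidden by inline CSS."""
    p = HiddenLinkFinder()
    p.feed(html)
    p.close()
    return p.hidden_links


# Constructed sample: one legitimate link plus the kinds of injected spam blocks
# described above. Real use: feed it the saved source of each of your pages.
SAMPLE_HTML = """<html><body>
<div class="post">
  <p>Real content with a <a href="https://example.com/about">normal link</a>.</p>
</div>
<div style="position:absolute;overflow:hidden;height:1px;width:1px;">
  <a href="http://spam.example/one">keyword one</a>
  <a href="http://spam.example/two">keyword two</a>
</div>
<p style="display: none"><a href="http://spam.example/three">more</a></p>
<a style="text-indent:-9999px" href="http://spam.example/four">x</a>
</body></html>"""

if __name__ == "__main__":
    for href, reason in find_hidden_links(SAMPLE_HTML):
        print(f"{reason:22} {href}")
```

The scanner only looks at inline styles, which is what this particular injection used; links hidden through a class defined in a stylesheet, or via JavaScript, would need the computed style from a browser. Treat a hit as a lead to inspect, not proof of compromise, since legitimate markup (skip links, icon fonts) sometimes uses the same tricks.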

Though it's interesting that this trick actually helps you remove unwanted spam from your blog, I wonder why it works, as the page could have been removed from Google's search results if it contains spam.

Getting Too Much Spam, Even with Akismet

Wednesday, January 17th, 2007

I had to turn off commenting. I was tired of seeing hundreds of WordPress notifications about spam comments. If you are experiencing the same thing, run this SQL:

-- wp_ is the default WordPress table prefix; adjust it if your install uses another.
UPDATE wp_posts SET comment_status = 'closed';