11
PaaPsik
5y

fuck wordpress... Got a request to improve wordpress site speed + pagespeed score. 20-30 plugins, 15 or more additional ones off. Improved the score and noticed that my adblocker is blocking a lot of urls. Sure enough theres a hidden iframe in the bottom with 10 ad network scripts and bidding get requests. Someone is making ad revenue from this shit.. wtf. I've only had problems with shitty wordpress sites being hacked for some reason. It's always a shitty experience. Any tips on fixing hacked wordpress sites?

Comments
  • 2
    Nuke it from orbit...
  • 4
    Wordpress has some XSS exploits buried in it due to still running jQuery 1.12.4. They won’t update it out of fear of breaking backwards compatibility, yet for some reason they’ll shove a whole new, unwanted, 2-star editing interface on everyone within a year...
  • 3
    Hacked WordPress sites are so common that there is a standard Linux command to solve the problem:
    .
    .
    .
    .
    .
    .
    rm -rf
  • 2
    @Fast-Nop dont forget the flags to not preserve root
  • 3
    This has been happening for so many years. Replace as many of the files as possible with original, even go through all theme files, I've seen encoded jobblemegook at the ends of most unexpecting files, and dodgy wordpress-esque named files in the tree. The best security plugin I have used is wordfence. As for page speed, wp-cache enabler with fast velocity minify with a couple of js tweaks for font gap render removal and local caching of all 3rd party resources (analytics, tawk whatever) gets us 98 on the pagespeed.
Add Comment