Let me start with a confession. When I was just starting out my blog at WordPress, I used a “free” version of the Thesis Theme for WordPress – yes, the one you download from sites who claim to share the file for free.
At that time, all I wanted to do was to set-up a site ASAP and the only way to get a theme for me then was to search for a free theme online. Among the WordPress themes that I found, I was convinced that the Thesis theme was the best so I immediately downloaded a free copy, installed it and found out that it works! Just like the licensed copy – but without the $87 tag on it! “Cool,” I muttered. I even thought that I was so wise to get a free download of the theme while others need to pay for a licensed one.
“Cool,” I muttered. I even thought that I was so wise to get a free download of the theme while others need to pay for a licensed one.
WAITING FOR PR
Few months later, I became worried when I saw a lot of page not found errors on my site log. I was also so sure that something was wrong because my Page Rank was stuck at zero. Prior to this site, I had created two blogs and made them get a page rank of 3 in less than 3 months – each! Applying the same techniques, I was wondering how my PR just won’t get off.
I waited for a while to see what happens but until now, my site has still no PR. Given the high incidence of the 404 errors reported by the WP plug-in that I installed to monitor such instances, I inferred that something is wrong with my files. My site was affected by the widespread hacking incident among the GoDaddy sites sometime ago but I’m sure, the problem is deeper than that.
When I had read that the main reason why some sites offer free copies of premium WordPress themes was because they inserted codes on them, I began to worry. I immediately bought the licensed version of the Thesis Theme and changed it but somehow, the problem still persisted.
Finally, I decided to look at my WordPress files to check what’s wrong. Here’s what I found (please click the image for a larger version).
Definitely, bill_knows.php and shannen_auria.php are not legit WordPress files.
This finding reminded me of a comment left by Blankpixels on my post about identity thieves targeting bloggers. She mentioned about her experiment of accessing files in an unsecured connection and leaving a text file “set a password on your wifi and router or imma hack into your computer.txt“. What if Bill and Shanned just want to point out that my site is “under their control”?
Reinstalling the WordPress installation was not an option for me because I have a feeling that a code was inserted among my files. Uploading the same database after the WordPress reinstallation just won’t solve the problem.
Because I already have an account at Hostgator at this time, I finally decided to transfer GEORYL to Hostgator and start with a fresh install of everything – just importing the images, posts and the comments via the Import/Export tool of WordPress.
Checking my files now, 10 of the files shown in the image above are not present in my current wordpress installation. I already submitted a reconsideration request to Google, and I’ll update you what happens next.
Keeping my fingers crossed!