Let me start with a confession. When I was just starting out my blog at WordPress, I used a “free” version of the Thesis Theme for WordPress – yes, the one you download from sites who claim to share the file for free.
At that time, all I wanted to do was to set-up a site ASAP and the only way to get a theme for me then was to search for a free theme online. Among the WordPress themes that I found, I was convinced that the Thesis theme was the best so I immediately downloaded a free copy, installed it and found out that it works! Just like the licensed copy – but without the $87 tag on it! “Cool,” I muttered. I even thought that I was so wise to get a free download of the theme while others need to pay for a licensed one.
“Cool,” I muttered. I even thought that I was so wise to get a free download of the theme while others need to pay for a licensed one.
WAITING FOR PR
Few months later, I became worried when I saw a lot of page not found errors on my site log. I was also so sure that something was wrong because my Page Rank was stuck at zero. Prior to this site, I had created two blogs and made them get a page rank of 3 in less than 3 months – each! Applying the same techniques, I was wondering how my PR just won’t get off.
I waited for a while to see what happens but until now, my site has still no PR. Given the high incidence of the 404 errors reported by the WP plug-in that I installed to monitor such instances, I inferred that something is wrong with my files. My site was affected by the widespread hacking incident among the GoDaddy sites sometime ago but I’m sure, the problem is deeper than that.
When I had read that the main reason why some sites offer free copies of premium WordPress themes was because they inserted codes on them, I began to worry. I immediately bought the licensed version of the Thesis Theme and changed it but somehow, the problem still persisted.
Finally, I decided to look at my WordPress files to check what’s wrong. Here’s what I found
THE FINDINGS
Definitely, bill_knows.php and shannen_auria.php are not legit WordPress files.
This finding reminded me of a comment left by Blankpixels on my post about identity thieves targeting bloggers. She mentioned about her experiment of accessing files in an unsecured connection and leaving a text file “set a password on your wifi and router or imma hack into your computer.txt“. What if Bill and Shanned just want to point out that my site is “under their control”?
Reinstalling the WordPress installation was not an option for me because I have a feeling that a code was inserted among my files. Uploading the same database after the WordPress reinstallation just won’t solve the problem.
Because I already have an account at Hostgator at this time, I finally decided to transfer GEORYL to Hostgator and start with a fresh install of everything – just importing the images, posts and the comments via the Import/Export tool of WordPress.
Checking my files now, 10 of the files shown in the image above are not present in my current wordpress installation. I already submitted a reconsideration request to Google, and I’ll update you what happens next.
Keeping my fingers crossed!
Caroline says
ohno! i hope everything going to be fine after this! 😉
Gee says
i think it’s gonna be fine now caroline. thanks! 🙂
A Walk Through Life says
Good luck sis. I hope you get the rightful PR for your site when the big G updates. As for me, I’ll just wait until the G algorithm will work under my favor. 🙂
Gee says
thanks sis. i’m keeping my fingers crossed. sana, pa-christmas gift na lang nila sa akin. hehehe. 😀
Peter J says
wow that is an interesting story you have here. I’ve always found, only use free from legitimate websites and only use premium from their real websites. Plugins and themes are two ways that give hackers the perfect opportunity to break into your code, so only access the websites that are trusted.
Best of luck with your submission and i hope it goes well with google.
Gee says
i had learned my lesson now. LOL! i’m not really a techie so I won’t know if a code is inserted on the themes or plug-ins that I’m using.
anyway, thanks peter. 🙂
Josie says
gosh, I need to check my files too, this site was stuck to PR-0. thanks for posting, I also used free WP templates. 🙂
Gee says
you’re welcome josie. please keep me posted about what happens.
blankPixels says
I actually know a couple of hackers and those who belong to the elite group don’t really harm your blog or your website. They’ll just put a file or a line of code or text on your pages to inform you that they hacked into your server. And from what I see, I think the hackers who got into your blog’s server had the intention to f*ck up your blog. Wait, did you check the free theme you downloaded if it included any mysterious files?
I hope you get all these fixed. Glad that your move to a new host went on smoothly. 🙂
Gee says
i had no idea about php before sis and my transfer to wordpress was not really planned. i don’t know to check my files – till now. i’m really hoping that this fresh install of everything will get rid of those errant codes.
stevebethere from bethere2day says
I am paranoid about that sort of thing, i scan everything i download i know things can still get through but it does work well (as long as you use good antispyware progs etc)
Good luck and I hope all turns out ok 🙂
Gee says
when it comes to my pc/laptop. I scan everything that I download too. the problem with using free wordpress themes though is that a single line of code can be inserted and the user will not know about it.
i really hope all will be well steve. thanks!
elai says
halu gee! missed visiting you and your site for awhile! anyway, this hacking thing really scares me. i hope i wont get acquainted with them in the future. only wordpress is prone to hacking, right? or blogger as well? i prefer free pa naman. hehehe. well, i hope everything will be okay. merry christmas 😉
Gee says
hi sis. oo nga, missed you! long time no see. hehehe. are you back to blogging na ulit?
merry christmas too!
chubskulit says
Wow buti ka pa Gee super talented sa tweaking heheh
Gee says
noooooo… hindi po siya talent. kailangan lang ng tiyaga para pag-aralan. hehehe.
Pinx says
this is scary… i am using a free wordpress theme too and like you, i am not a techie, all i know is just post and write, hehehe… but i would like to learn (somehow) how to tweak things… it’s so confusing actually. anyways, i’m glad i visited your site… i’ve learned a lot from you… honestly.
Eihdra says
This is scary. Since the identity thief thing, it got me paranoid.. Guess I have to check my files now. Thanks for the info Gee. 🙂