stackoom
  简体   繁体   中英

A spam site is forwarding my site and showing add at the end of it

 原文  2016-04-08 08:41:06       wordpress/ security/ spam

Question

I made a new website with Wordpress which is http://drfarzin.net I randomly was googling my site that i saw another domain is presenting my site http://upciran.ir/web/aHR0cDovL2RyZmFyemluLm5ldC8= ! plus it has an advertisement at the end of it. here is the steps i did to prevent this spam but it didn't succeed:

  1. saw my log file while requesting to http://upciran.ir/web/aHR0cDovL2RyZmFyemluLm5ldC8= which was {5.78.123.116, 162.158.89.204 - -
    [08/Apr/2016:04:32:46 -0400] "GET / HTTP/1.1" 200 39199 " http://upciran.ir/web/aHR0cDovL2RyZmFyemluLm5ldC8= " "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36" - - -
    [08/Apr/2016:04:32:46 -0400] "GET / HTTP/1.0" 200 25733 "-" "-" 5.78.123.116, 162.158.89.204 - -
    [08/Apr/2016:04:32:47 -0400] "GET /wp-admin/admin.php?page=stats&noheader&proxy&chart=admin-bar-hours-scale-2x HTTP/1.1" 200 613 " http://drfarzin.net/ " "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36" }
  2. pinging http://upciran.ir/web/aHR0cDovL2RyZmFyemluLm5ldC8= then block its ip in cloudflare and wordfence (wordpress plugin)

**the odd part that i dont undrestand is while you brows in to http://upciran.ir/web/aHR0cDovL2RyZmFyemluLm5ldC8= , its url will not be changed **

1 answers

solution1
 2 ACCPTED  2016-04-08 09:16:28

It's loaded from iframe...

You cannot check it from the server's side, but you can use javascript to detect it after the page has loaded . Compare top and self, if they're not identical, you are in a frame.

Additionally, some modern browsers respect the X-FRAME-OPTIONS header, that can have two values:

DENY – prevents the page from being rendered if it is contained in a frame SAMEORIGIN – same as above, unless the page belongs to the same domain as the top-level frameset holder. Users include Google's Picasa, that cannot be embedded in a frame.

Browsers that support the header, with the minimum version:

IE8 and IE9 Opera 10.50 Safari 4 Chrome 4.1.249.1042 Firefox 3.6.9 (older versions with NoScript)

EXAMPLE: 

if(top!=self){
        top.location.replace(document.location);
        alert("For security reasons, framing is not allowed; click OK to remove the frames.")
    }

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Spam showing under main logo on hacked WordPress site Spam text showing under site URL in search results How do I eliminate spam sigup on my wordpress site Pictures not showing up on my site Size Attribute is not showing on front end of WooCommerce site Spam emails strange wordpress site Featured images not showing on my wordpress site Wordpress site being flooded with spam referrals Top of wordpress site is displaying incorrectly, with spam text Forwarding WooCommerce 'Shop' page to another page on a site
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM