WordPress Hack i2wp.org – How To Fix


About The Author
Avatar Cabe Nolan is the founder of WP Cover where he shares his insight into WordPress, development, & entrepreneurship. Outside of WPCover, Cabe continues to run a successful WordPress development firm, Bold City Design as well as a few high profile websites, Arrivala, Two Way Resume, Dock Skipper, and a successful outdoors brand, DolfinPack.







WordPress Hack i2wp.org – How To Fix

I recently brought on a new client who’s WordPress based site had been neglected.  As is typically the result, the site became compromised and their Google Adwords campaigns had been suspended and their site blacklisted.  They were looking for guidance ASAP.

I began my normal process of combing through source code and running a couple scans on the file system.  Nothing seemed to catch my eye.  Luckily, there is another great source called File Viewer that saved the day.  File Viewer allows you to view the source code of your site based on the referrer and the user agent you would like to use.

After doing a search on File Viewer and examining the source code with Google as the referrer and Firefox as the User agent, it was evident that an extra script had been added in the footer: i2wp.org/jquery.js.  Got ya!

i2wporg-wordpress-hack

In the end, the site was compromised due to a plugin that had not been updated in some time.  Running my necessary scans, closing backdoors, and replacing all plugin and WordPress core files did the trick.

I’m happy to report that all Adwords campaigns are back running and the site has been removed from all blacklists.  Hope this helps somebody in a similar situation.


Share Your Thoughts

Leave a Reply

Your email address will not be published. Required fields are marked *


Related Stuff You Might Like







20% Off WP Engine

WordPress News, Tips, & Code Snippets

Join the WP Cover mailing list and get wordpress news, tips, code snippets, security warnings, and more delivered right to your inbox.  We won't flood your inbox, newsletters typically go out every 1-2 weeks unless it involves an important security release.

You have Successfully Subscribed!