Everywhere you browse, SQL inject is making rounds among bloggers and site owners. What it does is inject SQL commands on your site, especially sites based on popular CMS including WordPress, Drupal, Joomla, and so on. If you are running a WordPress-based blog site, then you need to check them to find out and fix spam scripts that could be selling Viagra pills and number of irrelevant products.
Follow these effective tips on how to find and fix spam scripts on WordPress theme:
1. Find the spam scripts – In order to protect your site of these harmful SQL scripts, use Google fetch to see if there are any suspicious spams on your pages. Even with this tool, it’s likely you’ll miss out other unexpected content. Therefore, the best way is to view your page source by right clicking your mouse and selecting “view page source” from the menu options to check manually any occurrences of “spam-indexing”. If you find any unusual codes, then follow the next step.
2. Remove the script through FTP or C-Panel – Simply login to your FTP or C-panel account, navigate to the infected page, and completely remove the script from there. In WordPress, you can easily remove SQL injections from “appearance” menu and clicking on the editor option. Look for the infected section, edit and remove the script, and save the changes.
3. Use Google fetch – After removing spammy scripts, use Google fetch to properly index your site by Google bot. Also re-submit your XML and HTML version to every search engines out there.
Now that you know how to remove SQL scripts, read on to how to make your WordPress blog safe from these spam scripts:
1. Always update your WordPress blog to the latest version. Few months back, I left my WordPress blog without updating when new version came out. Guess what happened? My blog was immediately hacked by an Iranian-based hacker. Ever since then, I make sure I keep an eye on “updates” tab on the dashboard and update them immediately once the pack is released. Simply click the “update theme” option, and within seconds, you’ll have an updated WordPress blog which will filter out any spams that might be plaguing your blog.
2. Install and use Akismet plugin. If you post regularly on your WordPress-based blog site, then sooner you’ll notice that hundreds, if not thousands, of spammy comments waiting for your approval. This could be frustrating to go over and delete them manually, but if you are smart like me and many other bloggers out there, install and use Akismet plugin. This plugin filters out any suspicious comments and labels them spams, thereby, making you easy to manage spammy comments which have a way to enter your scripts and ruin your site.
3. Use several different reliable security plugins. When it comes to protecting your WordPress site against SQL inject and other virus attacks, always make sure you install widely used popular security plugins available from the WordPress site itself. To begin with, install BPS security or WP security plugins that are widely known, used, and personally think the best in the internet to protect your WordPress blog against malicious attacks.
4. Backup database and files, regularly. Make sure the backup files include all necessary pages, images, posts, codes, plugins, and any other files. When you have a backup, you can easily recover everything back with just a click of a button in case you lose important files due to SQL inject or other virus attacks.
5. Change your username and password regularly. Avoid spam scripts by changing your username and password that seem obvious to a potential hacker to gain access to. If possible, change them regularly – after every month. Never use the word “admin” and common passwords like “password” and “123456″. Get it?
Article by Erik Hernandez
Erik Hernandez is an expert SEO, SEM and content writer working for many years in this industry. Follow @ www.zinzz.com, chat platform.