I am wondering how it is possible for someone to put spam into my footer. Google has removed me from their indexing as a result of it. I am running the latest 5.x version of Drupal. Any help would be appreciated.

Comments

matt_harrold’s picture

Unless your website is insecure, someone knows your password, or you've configured Drupal to allow Anonymous Users all permissions, this is a doubtful scenario.

More information would be needed to make any intelligent assessment of your problem. For starters, what spam? Is it HTML? A script? What does it do?

dirkca’s picture

There are no anonymous users on my site and I am the only member. Password seems pretty secure and is changed frequently.

I have since switched my hosting to a VC setup as I don't trust shared hosting environments anymore. Although there is a learning curve involved when going with a VC setup, I do believe that I sleep better.

ceejayoz’s picture

This seems to be fairly common on shared hosting lately.

There are also some third-party apps that are vulnerable to this sort of thing - I've heard of a number of Drupal sites getting infected via a Coppermine gallery installation.

What web applications are you running on your site? Just Drupal?

dirkca’s picture

In my shared hosting account I have been running MediaWiki, Moodle and Drupal. I usually go with the core install of the apps and update when there is a new release. I have one FTP account but no users on the apps that I don't trust.

I am happy that I made the decision to move to a VPS setup running on the LXAdmin platform.

jokoveltman’s picture

I have the same problem. First on 6.3, then a fresh install (same host) of 6.4 - but only after a period of about a week to 10 days after the installation. I have several modules installed common to both installs, but the delay of the insertion kept me from catching if it was one of the modules. Besides, something makes me doubt it is a module, anyway - and some of them were updated between installs, too.

I found the same thing in a WordPress installation, and complained to my host - because the WP installation was for someone else, and I didn't know the password - only set up the DB, and it even has a different domain name, and the only connection between the sites is the host. The host, of course, claims it's the fault of my software.

I was careful in the second install to use a different password for the DB and the administrator, as well as to immediately disable user registrations (in the first one there was a strange user registration I thought might have been related), and to disallow permissions for anonymous for everything except access content. I also used a different theme.

The message is hidden in the footer with CSS, but does not appear on the screen (position: absolute; left: -1000; top: -1000; or something similar) and the text the second time around is EXACTLY the same as the previous time, including a link available there. Though the second time around, 2 drupal_error_handler() errors (in includes/common.inc, line 585) appear in the header, and one in a sidebar block.
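A check for the pattern described in the post above (a block pushed off-screen with `position: absolute` and large negative `left`/`top`), as an added example that is not part of the original thread: it parses a page's HTML and lists the links that sit inside such off-screen elements. The threshold, the function names and the sample page are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input", "link", "meta", "wbr"}
POSITIONED = re.compile(r"position\s*:\s*(absolute|fixed)", re.I)
# Negative left/top offset; units optional, as in the post's "left: -1000".
OFFSET = re.compile(r"(?<![\w-])(?:left|top)\s*:\s*-\s*(\d+)", re.I)
THRESHOLD = 500  # assumption: offsets this large put the element off-screen

def is_offscreen(style):
    return bool(POSITIONED.search(style)) and any(
        int(n) >= THRESHOLD for n in OFFSET.findall(style))

class HiddenLinkFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = []       # (tag, hidden) for every open element
        self.findings = []    # (href, link text) inside off-screen elements
        self._link = None     # link currently being collected
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        inherited = self.stack[-1][1] if self.stack else False
        hidden = inherited or is_offscreen(a.get("style") or "")
        if tag == "a" and hidden and a.get("href"):
            self._link = [a["href"], ""]
        if tag not in VOID:
            self.stack.append((tag, hidden))
    def handle_data(self, data):
        if self._link is not None:
            self._link[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._link is not None:
            self.findings.append((self._link[0], self._link[1].strip()))
            self._link = None
        for i in range(len(self.stack) - 1, -1, -1):  # tolerate unclosed tags
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def find_hidden_links(html):
    finder = HiddenLinkFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page, not taken from the thread.
SAMPLE = """<div id="footer">Powered by Drupal
<div style="position: absolute; left: -1000; top: -1000;">
<a href="http://spam.example/a">cheap pills</a><br><a href="http://spam.example/b">fast loans</a>
</div><a href="/contact">Contact</a></div>"""
```

It only inspects inline `style` attributes; rules that come from stylesheets are not evaluated.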

dirkca’s picture

I have since moved to a VPS setup and have not had any issue of this kind anymore.

Sorry for the late reply!