Links to my own posts redirecting to spam sites
-
I changed from a paid plan to unpaid several years ago after deciding to stop blogging. It seems that now, all of the links I’d added within posts to other posts of my own now redirect to a Thai slot machine spam site. I really don’t know what to do, because I’d like to keep my site still active as archives but I don’t want that people are redirecting to something dangerous when they try to click these links. Can someone help?
The blog I need help with is: (visible only to logged in users)
-
Someone may have gained access to your site and changed the links.
I can see one of the sites you have linked to “StonyBrookCounseling,” has had their Team page replaced with the gambling site.
Hopefully a mod will be able to assist you soon. You may also consider enabling Two-factor authentication.
-
It’s so weird, I never even linked to that StonyBrookCounseling site either! I don’t even know what it is. It’s something else from whatever injected the malware. I changed the password but I don’t know how to get rid of the links. Do you know if there’s anyway to remove all links or change the site archives to be read-only?
-
To my knowledge, without access to a plugin, you cannot alter the links enmasse. With a free plan we’re limited to manually changing links.
I suspect the individual who hacked your site has spent considerable time manually changing the links. Considering your last post date, they had around a year or more to do this.
It will be a bit of a slog, but you can edit each of your posts and pages to check the URLs in links to make sure they are accurate. Essentially, you are reversing the process the hacker went through when they accessed your site.
-
Wow. I figured they were able to use some kind of hack to do it. Crazy that they were willing to spend that much time to do it manually. I don’t even want to spend that much time to change it manually, I just don’t want anyone to be endangered accessing those spam sites.
Thank you so much for taking the time to give me some advice!
-
I’ve just thought of a workaround for the link editing.
Since we know at least 1 of the bad URLs, you could go to your post list and search for StonyBrook. This should list any post that includes that particular link.
Then all you need to do is edit the post to remove the link.
If you find any other bad URLs, those to can be searched for to reveal the particular posts that include the link.
Alternatively, you do do have the option to Unpublish your posts. Effectively returning them to drafts, unaccessible to internet denizens.
There is a Bulk Edit option in admin that will let you do this at scale. I think there is also an option in Settings to unpublish the entire site without deleting it.
-
Thank you so much for thinking about this! I searched my posts for stonybrook but nothing came up. I think because the link showing in the address bar is still the correct one I’d inserted; the spam link with that keyword only displays in the window that opens after it’s clicked. The search results make it look like the word stonybrook doesn’t appear anywhere.
Do you know if there’s any option to remove all links in a bulk edit? I would love to be able to do that without returning everything to draft form/unpublishing. I like leaving the archives up for reference, they’ve still proven helpful to many authors and readers over the years. It would be a shame to take it down entirely.
-
Unfortunately, this is not possible on WordPress.com hosted sites without access to plugins. Plugins are the only tool capable of editing/removing links in bulk site wide.
On a WordPress.org (self-hosted) site, you could edit the site code to remove all links as a workaround, instead of using a plugin.
I would suggest sending a support ticket to WordPress explaining the situation. They may have the tools or ability to remove malicious links.
You can access the support function by tapping on the (?) Button top-right. While the chat bot tends to send people to these forums, there should also be a dialog option for emailing support.
-
Do you know if there’s any option to remove all links in a bulk edit?
The only way I think this can be done is to export your current content, open the XML file in a plain text editor like EditPad or Notepad and use the app’s search and replace function to remove all mentions of your custom domain and replace it with the underlying WPcom address. So mydomain.com to mysite.wordpress.com Then save it as a new XML file and import it back to your site.
Export your site’s content to transfer it to another WordPress site or platform. In this guide, you will learn how to export your site’s posts, pages, and comments. In this guidePrepare for exportExport your contentAbout your export fileAbout your site’s mediaAfter the exportAdditional stepsExport as a backup toolTroubleshoot export errors Have a question? AskIf you want to test this first, you can create a partial export.
You can export specific content, like just your pages, posts, or feedback, from your WordPress.com site. In this guide, you will learn how to export specific content. In this guideExport specific contentAfter the exportExport errors Have a question? Ask our AI assistant Back to top Export specific content Instead of exporting your entire weBTW it’s not hackers, per se. It’s what happens when you give up a custom domain anywhere on the web. The spammer sites bought your old domain to take advantage of your site traffic.
I’d also wait for staff to reply here in case they have a different solution to offer.
-
-
That would make sense that they bought the domain. Thanks for explaining. And for this possibility — I’m going to try the partial export first and see if this works. Thank you so much, really appreciate it!
-
@justjennifer I understand being able to redirect a purchased domain name, but wonder if a redirected custom domain would also allow the purchaser to alter individual links within post and page contents of said website?
I would think a site editor’s login credentials would be required to make such changes to a website.
@whatsnonfiction I don’t see it mentioned in your previous post. Did you have a custom domain name before you downgraded your blog?
-
Yes, I had purchased whatsnonfiction.com. When I stopped blogging I allowed it to revert to .wordpress.com. So that seems to make sense now.
-
@whatsnonfiction Thank you for the clarification. My apologies, I seem to have missed an important point in the your initial post. @justjennifer is quite right.
I do see as justjennifer mentions, that the old URL appears to have been redirected to the Team page at StonyBrook.
Any links on your blog that referred to the old nonfiction URL are now pointing at StonyBrook.
The suggestion to edit XML is likely the best course of action.
-
No worries, I probably didn’t explain it as clearly as I could have. I assume this StonyBrook Team page was also a hacked site because I had no connection to it and never linked to it. I’m going to try the XML edit suggestion. Thanks again to you all.
-
Hey @whatsnonfiction ignore the spam replies.
Let us know how it goes and whether you need more help with this.
- The topic ‘Links to my own posts redirecting to spam sites’ is closed to new replies.
WordPress.com Forums 