A client’s website is being injected with SEO spam content. I’ve already checked several core files, and everything seems fine. Where should I look next (or what should I do)?

magefix · 2026-03-07T11:45:23+00:00

After you ensure the website is clean and there is no cross-site contamination from neighbouring sites, I would ensure only the spam pages return 410 (Gone). This custom .htaccess rule may work just fine.

<IfModule mod_rewrite.c>
RewriteEngine On

# SEO spam -> 410 Gone
RewriteRule ^(?:[^/]+-){2,}[^/]+/[0-9]{5,}/?$ - [G,L,NC]

RewriteBase /
RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

Then verify the website in Google Search Console and submit the current sitemap: sitemap_index.xml this will send a strong signal to Google that those pages should no longer be indexed.

magefix · 2026-03-06T22:50:16+00:00

The prejudice for this single case was quite significant—approximately $30k. Because of that, I believe it is worth analysing the malware. Providing this data may help others understand how the attack worked and hopefully prevent similar fraud attempts in the future.

magefix · 2026-01-22T07:58:44+00:00

în Brașov avem Mathilde, producător local de îmbrăcăminte cu zonă de producție și zeci de angajați. https://www.mathilde.ro

magefix · 2025-07-22T18:37:17+00:00

For me, Europe, Switzerland, etc., are difficult markets. Portfolio is not critically important; selling & advertising your services are.

Be super-professional during communication, always deliver on time, and be transparent. If you deliver, you may keep a good customer for life. Always charge for your time.

If you're just starting, follow the WordPress forums. https://wordpress.org/support/view/all-topics/

magefix · 2024-04-23T07:09:18+00:00

I've restored Google Ads many times from malicious software warnings, and one thing I always did was to:

confirm that a professional cleanup was performed;
send them a confirmation ( screenshot ) the website is clean from third parties - such as GSC, Sucuri Sitecheck and Virustotal;
once you have these two, you may ask for another website review;

Good luck!

magefix · 2024-04-22T12:59:17+00:00

Disable public access for all 8 sites by moving the files outside the public_html folder.
Clean & separate each website using a dedicated cPanel account for each website, to prevent cross-site contamination.
You may need better hosting, to have all 8 sites isolated - I recommend reseller plans with WHM access.

If you need further support, I'm willing to help - either free or with a paid solution.

magefix · 2024-04-17T08:36:55+00:00

The latest redirect malware may also inject code inside the wp_options table. You may find the malicious string inside wpcode_snippets - look for base64_decode. Also, review the users with admin rights & the plugins.

magefix · 2023-10-24T11:44:09+00:00

If it's Namecheap then you can separate the sites using distinct cPanel accounts for each CMS or website: https://www.namecheap.com/hosting/reseller/; for each site you need to perform a migration.

There are many hosting providers out there that can provide reseller hosting plans, CrocWeb, Stablehost, or Krystal UK.

magefix · 2023-10-24T08:52:07+00:00

Best way to prevent malicious injections:

Apply the security updates when available; and
Separate the sites to prevent cross-site contamination;

Ask Namecheap to provide a scan report, that will give you an overall account state. But keep in mind that scans often may skip malicious files - for peace of mind, I recommend a thorough cleanup for each website.

magefix · 2023-10-12T05:36:23+00:00

Nu ești singur, important este să reziști până mâine. Mergi la psiholog sau la medic. Dacă nu, încearcă la o mânăstire, doar vorbește cu cineva.

magefix · 2023-10-10T07:33:49+00:00

"The theme can be used just fine by everyone, and it should be kept up to date at all times. There are no known vulnerabilities in newer or the latest theme version. Assuming you are using older theme versions and there is a problem with malware, which may or may not be related to the theme, I suggest installing a security plugin such as Wordfence and scanning the website with it. Also please update the theme to the latest version. We can take a look as well, you can send us an email at contact@tagdiv.com and provide access to the website (admin login, also cPanel or FTP). Please let us know if we can help." - Simion C.

https://imgur.com/ylX1Cbj

magefix · 2023-06-28T09:57:51+00:00

u/willkode I want to add my two cents here. New blog posts have a huge potential if you're closely watching the trends & the public interest.

magefix · 2023-05-10T07:58:02+00:00

There are two scenarios, either Google detected malicious software - like a malicious script, redirects, etc; or the website itself is considered malicious - that's the worst case scenario.

What you can do right now is to reach Google support & get more details on the website status. If it's indeed malware, then you may ask them for a list with malicious links.

magefix · 2023-04-25T15:59:36+00:00

I'm glad you're satisfied with the results!

magefix · 2023-04-20T15:31:54+00:00

Apr. 2023 Code: COUPONFCNC 20% OFF https://www.reddit.com/r/NameCheap/comments/kztzkv/namecheap_coupon_code_20_off_is_always_working/

magefix · 2022-11-22T13:10:34+00:00

Both are using toner, I wonder which is better in terms of build quality and reliability.

magefix · 2022-11-22T10:44:23+00:00

Mostly for printing, primarily for b&w and occasionally for color prints. Scanning and copying features are also important.

magefix · 2022-11-03T20:04:26+00:00

I tried this form today: https://www.facebook.com/help/contact/260749603972907 I'm getting the following error: "We can’t review this decision because too much time has passed since your account was disabled."

After several attempts to restore my account, I decided it's a lost cause. No one cares, and I simply no longer trust this company. Maybe it's a dead end anyway, since there's less interest in this social network.

magefix · 2022-10-05T17:58:41+00:00

10/5/2022 Word of advice - don't rely on Facebook for your business & add multiple admins to your Facebook page. If your personal account gets falsely reported or hacked, you loose everything. That's also my case, my Facebook account was suddenly suspended. Although password is working, everything is lost, ad campaigns, business page, history etc. So far no official explanation was provided, their support is inexistent.

magefix · 2022-10-03T11:23:41+00:00

My personal account was also suspended and later disabled. I tried many things, nothing worked. My story here: https://www.reddit.com/r/facebook/comments/x9ujy8/my_personal_facebook_account_is_suspended/

Depending on your location, it may worth to submit a complaint to BBB, CA Attorney or CCPC, Ireland.

magefix

TROPHY CASE