Need help? Check out our Support site, then


WordPress.com Forums » Support

12

Hacked - Strange links / anonymizer

  1. metrolandblog
    Member

    Help please. I appear to have been hacked.

    In the last few hours, all the links in a private, prototype blog that I'm working on for a business project appear to have been seized.

    When I click them, they go to a URL that begins with an anonymizer's prefix: http://href.li . . . . . (I can give you the full URLs if you tell me how to communicate with you regarding this - maybe email?)

    When I check the link that I entered in the page or post, it's empty.

    When I re-insert the correct URL for the hijacked link, it goes back to the anonymizer's site.

    It's happened now with more of my posts and pages.

    Is there anything I can do? How can I protect the blog?

    The blog I need help with is metrolandblog.wordpress.com.

  2. timethief
    Member

    Go to your email program and change the password to a very difficult one because that's how many hackers gain access

    Then read this please knowing that blogs don't get hacked when security protocols are followed. > http://en.support.wordpress.com/security/

    1. If you can log-in go here > Users > All Users and delete any user that does not belong there.

    2. Disable post by email > http://en.support.wordpress.com/post-by-email/

    3. Disable post by voice > http://en.support.wordpress.com/post-by-voice/

    4. Change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password

    5. Use a secure, encrypted connection to connect to your Dashboard. Under Users → Personal Settings, check the box that says “Always use HTTPS when visiting administration pages, and click Save Changes.

    I tagged this thread for Staff. Please subscribe to it so you are notified when they respond.

  3. metrolandblog
    Member

    I should have added that I cleared my cache, restarted my computer and had our corporate IT department come onto my system remotely to ensure it wasn't a virus in our system - including ruling out a virus in my Firefox browser. I have another, personal WP blog which is not experiencing this problem. It's only my private prototype WP blog.

  4. metrolandblog
    Member

    Thank you time thief, I will meanwhile do all those things. I always appreciate your attentive, helpful responses.

  5. macmanx
    Happiness Engineer

    Oh, that's normal. It shouldn't be going to a blank page, that's a problem, but what you're describing is actually a feature of your private blog.

    When a link is clicked on your blog to somewhere else, a referrer record is brought with the browser. This record says, "this is where I came from," and is recorded in most stats systems. The keep your private blog completely hidden, we offer http://href.li which is prepended to your links and removes the referrer record, so your private blog's location is never recorded as a referrer.

    To disable this, go to Settings -> Reading in your blog's Dashboard and check, "I would like my links to be public, without being passed through a referrer hider."

  6. metrolandblog
    Member

    Well thank you macmanx, I appreciate that.

    I guess my corporate security system simply doesn't allow me to connect to links that begin with href.li - because it blocks them.

    I normally use my home computer to work on the corporate blog, but today, I used my work computer and this all started. (I feel pretty silly) But thanks to TimeThief, I've strengthened my password anyway, which probably was a good idea.

    Whew! Thanks again.

  7. timethief
    Member

    Happy blogging from me. :)

  8. metrolandblog
    Member

    So I still need help here.

    I thought I had accomplished what macmanx advised: "To disable this, go to Settings -> Reading in your blog's Dashboard and check, "I would like my links to be public, without being passed through a referrer hider."

    I cannot get the WP system to accept heck mark on this box, even after I re-clear my cache and restart my computer. It empties right after I check save.

    Also, I just noticed that I cannot uncheck the box "I would like my site to be private . . . . " (not that I want it to be public yet but perhaps there's a glitch here somewhere that I haven't solved yet?)

  9. timethief
    Member

    I tagged this thread for a Staff follow-up. Please subscribe to it so you are notified when they respond.

  10. macmanx
    Happiness Engineer

    You're right, the "I would like my links to be public, without being passed through a referrer hider" checkerbox isn't working currently. I have asked someone to look into this.

    "I would like my site to be private . . . . " is not a checkbox, it's a radio button. You have to choose one of the three options there.

  11. metrolandblog
    Member

    Great, will wait for a fix. Thank you.

    But I don't have the choices you reference for the private/not private "radio button" you referenced.

    My settings do not have choices - only one choice. I've put a screenshot-metroland file in my media library if you can access that.

    If not, tell me how to email you. And I appreciate all this back and forth very much.

  12. macmanx
    Happiness Engineer

    Take a look at Settings -> Reading in your blog's Dashboard.

    You have "I would like my site to be private, visible only to users I choose" but above that you have "Discourage search engines from indexing this site" (public, search engines blocked) and "Allow search engines to index this site" (public).

    http://en.support.wordpress.com/settings/privacy-settings/

  13. metrolandblog
    Member

    OK thanks, I finally get it. Never had a private blogsite before. And yes, as soon as I picked another option (duh) the whole thing worked. Appreciated.

  14. macmanx
    Happiness Engineer

    You're welcome!

  15. metrolandblog
    Member

    I'm checking in to see if there's a fix yet for the checkerbox that still isn't working -- It's the "I would like my links to be public, without being passed through a referrer hider." I don't know if it's related, but my Reader has also stopped working on the private test sites I'm using. I have had public blogs on WP.com for several years, and everything continues to work fine there. Thanks.

  16. macmanx
    Happiness Engineer

    No, that hasn't been fixed yet.

    Would you please describe how your Reader isn't working?

  17. metrolandblog
    Member

    The reader is working now, my apologies. I should have re-posted when it re-started. It simply wasn't showing me new posts from the blogs I follow, including wordpress.com news. It was on the weekend so perhaps there was a temporary problem?

    Do you have a timeline for fixing the checkerbox?

    Thanks again.

  18. macmanx
    Happiness Engineer

    Yes, probably just a temporary glitch.

    There is no timeline on the checkbox fix at the moment.

  19. metrolandblog
    Member

    So I need to make a presentation in the next 10 days or so that will require live links, not through a referrer. Do you have any suggestions on a work-around, or a way I could accomplish this? It has to remain a private blog. Thanks if you can help.

  20. macmanx
    Happiness Engineer

    No, my only recommendation would be to make it public, but choose the option which hides it from search engines.

    It's also highly possible that the Hide Referrer links will work just fine elsewhere. It only appears to be blocked by your office's security system. You could probably even ask your office's IT staff to unblock it for you.

  21. metrolandblog
    Member

    Very good point, and one I hadn't thought of. Possibly a solution. Appreciated. (Except if the checkbox is supposed to work, it's probably not unreasonable for me to expect it to work, right?)

  22. macmanx
    Happiness Engineer

    No, not unreasonable for you to expect it to work. :)

  23. metrolandblog
    Member

    So I'm in a different location now, and the referrer has slowed down all the links. This is directly related to the problem that emerged March 20. Something happened March 20, because before that, the links shot through at regular speed on the computer I'm using now.

    So, one last attempt to find out how/when this might be fixed. Is it a problem for all private blogs across WP.com? Do we know? This is a presentation that's supposed to lead to the corporate purchase of a significant upgrade - so it really does matter. Thanks.

  24. macmanx
    Happiness Engineer

    I'm honestly not noticing a slow down myself, and have actually several private blogs with the referrers hidden.

    Could you please describe the slow down, is it minutes or seconds, do you just notice the link going to one point and then being sent to another?

  25. jaw501
    Member

    On my home computer last night, it took almost three minutes for one of the referrer links to complete. I wonder if it's something about our own corporate network, since almost every link connects back to another of our corporate sites. Could that be it? Maybe something in our own system changed on March 20 and I'm getting a slowdown because of the destination links?

  26. macmanx
    Happiness Engineer

    That could very well be it. Exactly what URL is it loading when it's stalling for 3 minutes?

    If it looks like http://href.li/?http://example.com/ while it's stuck for 3 minutes, the problem is our referrer hider. If it looks like http://example.com/ while it's stuck for 3 minutes, the problem is the destination site (the corporate site in this case).

  27. metrolandblog
    Member

    Great info, thanks again for all this back and forth.

    It's definitely the http://href links. Here are the first few characters of the link that just got stuck again tonight on my home computer:

    http://href.li/?http://www.therec. . . .

    The links that stall always begin with the referrer.

    Some links don't got through a referrer, though, and those are fine, obviously.

    I really don't understand this. Again, appreciated.

  28. macmanx
    Happiness Engineer

    Right, but the way it works is that the link goes to http://href.li/?http://example.com/ which should load in less than a second, then you'll see http://example.com/ loading.

    I know that most of them start out going to http://href.li/?http://example.com/ but is it getting stuck loading http://href.li/?http://example.com/ or http://example.com/ ?

  29. metrolandblog
    Member

    OK, tried it on numerous links and it gets stuck at http://href.li/?http://example.com, not http://example.com.

  30. macmanx
    Happiness Engineer

    Thanks for clarifying! We're still looking into this!

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags