Need help? Check out our Support site, then


Unwanted "Stop Sopa" banner on my blog

  1. An unwanted banner -- "kz.am Stop SOPA" -- has appeared on my website (http://staplessoccer.wordpress.com). I never clicked on the "Stop Sopa" widget offered by WordPress; I double-checked it, it's unclicked. Who did this, where did it come from, and how can I get rid of it? THANKS!

    The blog I need help with is staplessoccer.wordpress.com.

  2. I'm not seeing any banner, but my anti-virus software just blocked a potentially malicious site after clicking on your site link. ?!

  3. And sorry if this is overly obvious, but is there any chance you added the banner from this thread and forgot about it?

  4. No -- I did not add anything. Does your reply mean that your anti-virus software blocked my site entirely? That's not good!

  5. You gave added a "NEXT GAME" code in a text widget. The original image URL redirects to the image you're seeing now. You can go to Appearance > Widgets, open that text widget and delete the image code.

  6. The "NEXT GAME" code was always there. I did not change it, but suddenly the "Stop SOPA" image appeared.

  7. As noted above - the site you are getting the image from changed the image on their end. You need to remove the link to the imae.

  8. Was there an image there before?
    it looks like the image file now redirects to the that stop SOPA image.
    Many widgets do this... its not necessarily malicious... its done by host server of the file.

    You can either remove the
    <img height="49" border="0" width="230" src="http://littleyapper.com/staplesblogpics/next-game.gif"/>

    from the widget
    or the whole text widget for now.

    as Panos suggested.

    Just copy and save the whole code from text widget to a notepad, and you can put it back up later, if the images is changed back.

  9. Actually.... the origional domain has of the file has expired. It redirects very suspiciously...
    I would follow the suggestion in this thread, remove the image code and move on.

  10. Thanks, all. It worked. Now my question is: Who put that code there, and how were they able to do it?!

  11. And no more pop up warnings from the anti-virus software, so that apparently was the source of the dodgy link.

    Oh the perils of hotlinking!

  12. @dwoog
    The code was not changed at your wordpress.com blog, your account is safe.

    Someone change the code of the image file at the origional site."littleyapper . com" that you were "hotlinked " to.

    Oddly that site: littleyapper.com domain is expired, that would make me suspicious of that new redirected image.

  13. Thanks again. So I guess someone can change code like that? That's scary.

  14. Once again: nobody changed the code in your widget. The code included this URL:
    http://littleyapper.com/staplesblogpics/next-game.gif
    If you click on it, you'll see that it's now redirecting to a different URL.

  15. You are hotlinking to someone else's image. It is their image. They can change it whenever they want. I've done that with people who have taken one of my images and posted it on their site without my permission, and the images I've put up in some cases are rather shocking.

  16. To avoid losing control of the images on your site, host the images on your site. Upload them to your own site and then you know they're safe. What hotlinking does is it installs a window that looks out onto the other site's view. They can do some landscaping and change that view, and you get results like this.

  17. Apparently this one had malicious intent!

  18. Yeah, but this wasn't an image -- it was a text widget!

  19. but this wasn't an image -- it was a text widget!

    No one's disputing the fact that it's a text widget.

    Take a break, then read dlager's response and panaghiotisadam's reply. As far as I know, they are referring to an image. An image in a text widget, but an image nevertheless.

  20. This http://littleyapper.com/staplesblogpics/next-game.gif is an image referenced in that text widget.

  21. So…

    I just noticed the same thing happening on an old Livejournal blog of mine.

    In each case, the image I was linking to was a Flickr image. *My* flickr images, in fact. Now… these were also images that have been removed from my flickr account since I let my Pro account die.

    In the code, it still refers to the flickr URL, but the image itself is being served from an entirely *different* domain.

    My guess is that, somehow, someone has managed a neat (and freaking annoying and unethical) little DNS hack making URLs link to that image; no hacking on thethesacredpath's widget (or on my LJ).

  22. What I suspect is that your virus warning software is sophisticated enough to see that X isn't where the browser was told X was, and that something else is there, and is flagging it as malicious on that basis. You'd think Flickr of all sites would be whitelisted. Anyway, I don't see it as a DNS hack.

  23. Moi aussi, j'ai le même problème. Mais, c'est pour les trois blogs. Par contre, je ne vois pas ou corriger le problème. Voici l'adresse d'un des blogs ;http://nw.rifrando.asso.fr
    Merci

  24. @penducharlie
    Français (French) : http://fr.forums.wordpress.com

Topic Closed

This topic has been closed to new replies.

About this Topic