Skip to main content Screen Reader Website Version
Get a Quote
Home Web Design SEO Services ADA Compliance Hosting & Support Custom Web Applications Our Work About Blog Contact

HotOpponents Hack

We have seen this one a few times coming from WordPress but we have also seen it in Google Analytics code or simply in a header.php file. HotOpponents is a simple redirect script but really digs down and makes roots for itself throughout your website files and database.  Here’s how we got rid of it in WordPress. Of course, you can always call us and we can clean this for you!

If you’re on a shared server, ask us about dedicated server support: we get you on a super-secure dedicated server for about the same cost as an insecure, slow, shared server (most common setup).

  1. Locate your wp-config.php file and note the database name.
  2. Open PHPMyAdmin and locate the database.
  3. Open SQL Statements and insert the following

    Remember to replace your table prefix here with the one in your database.
    Also, take notice of the GET variables in the URL, sometimes the tp=2 is different. We’ve seen zzz=3 and jp=88
  4.  That should remove the hotopponents script from your database.
  5. Replace ALL wordpress files with a clean version
  6. Next, log in via FTP and quarantine your plugins and theme files.
    1. download all files and search for malware manually – in obvious spots – header.php, index, etc…
    2. Scan your site with https://sitecheck.sucuri.net/ 
    3. Remove any malware. Many times it’s just better to flush plugins and reinstall them all, then just overwrite your theme files with the latest version or a backup.
  7. Download and install WordFence and do a site scan
  8. Finally, update all your passwords (account, (S)FTP, WordPress)
  9. Backup your site.

Nasty little hack/redirect script from some ridiculously infantile folks.

 

More Web Design Blog Content

Livewire SEO

The most common question we receive following a website launch is, “How can I increase traffic to my website without spending a fortune or buying ads?” Every website we develop for a customer includes what we refer to as “Basic SEO”; this simply means that we will fill

Session Timeouts

We’re currently fixing a set of issues with a shopping cart created through a different developer for a local client. They did a pretty good job but forgot about session timeouts. A lot of developers gloss over this aspect of their ecommerce site and unfortunately customers pay the

Why is WordPress our Go-To CMS?

Easy. It’s easy. Easy to use, operate and teach. We have dealt with virtually every blogging and Content Management Software out there, in existence, forever. Seen them all. Virtually all of them have their individual issues, yes, even WordPress. But few are as intuitive and easy to learn.

Answerhub versus WordPress

Recently we worked on a project with intent to use AnswerHub as the primary vehicle for user interaction. After spending some time in AnswerHub’s admin we discovered that they don’t provide anything that you cannot accomplish with easy under the WordPress hood. While AH supplies you with a

Leverage Browser Caching

When a webpage loads on your screen there are a lot of little pieces that have come together to create what you’re seeing. Your logo, other images, style sheets, javascript files are among some of the external resources a webpage might use to render itself on your screen.

New Mobile SIte

Head on over to livewiregeeks on your mobile device It’s our new mobile site based on Chalis iwebapp – a powerful framework that works well across the board. Livewire mobile has everything our main website has but is built for mobile devices. A custom redirect script detects whether a