Skip to main content Screen Reader Website Version
Get a Quote
Home Web Design SEO Services ADA Compliance Hosting & Support Custom Web Applications Our Work About Blog Contact

HotOpponents Hack

We have seen this one a few times coming from WordPress but we have also seen it in Google Analytics code or simply in a header.php file. HotOpponents is a simple redirect script but really digs down and makes roots for itself throughout your website files and database.  Here’s how we got rid of it in WordPress. Of course, you can always call us and we can clean this for you!

If you’re on a shared server, ask us about dedicated server support: we get you on a super-secure dedicated server for about the same cost as an insecure, slow, shared server (most common setup).

  1. Locate your wp-config.php file and note the database name.
  2. Open PHPMyAdmin and locate the database.
  3. Open SQL Statements and insert the following

    Remember to replace your table prefix here with the one in your database.
    Also, take notice of the GET variables in the URL, sometimes the tp=2 is different. We’ve seen zzz=3 and jp=88
  4.  That should remove the hotopponents script from your database.
  5. Replace ALL wordpress files with a clean version
  6. Next, log in via FTP and quarantine your plugins and theme files.
    1. download all files and search for malware manually – in obvious spots – header.php, index, etc…
    2. Scan your site with https://sitecheck.sucuri.net/ 
    3. Remove any malware. Many times it’s just better to flush plugins and reinstall them all, then just overwrite your theme files with the latest version or a backup.
  7. Download and install WordFence and do a site scan
  8. Finally, update all your passwords (account, (S)FTP, WordPress)
  9. Backup your site.

Nasty little hack/redirect script from some ridiculously infantile folks.

 

More Web Design Blog Content

Learning how to code?

We get questions all the time about how we started doing all this. Where did we learn to code? How on earth does any of that make sense? Some people are interested in learning for themselves. It’s easy to get started, especially in this day and age. Back

Using Zapier and ChatGPT

Here are some powerful and practical Zapier + ChatGPT workflow ideas across a variety of use cases — ideal for small businesses looking to automate content creation, customer service, and lead handling: ✉️ 1. Auto-Reply to Form Submissions with Personalized Emails Trigger: New form submission via Webflow, Typeform,

How To Win Visitors And Influence Traffic

Is there anything more of a turn-off than a untrustworthy website? Not in our world. Increasing the trust in your website is key to making conversions (calls, emails…. sales … you know, money). There are a number of factors determining the level of trust on your website. Here’s

Leverage Browser Caching

When a webpage loads on your screen there are a lot of little pieces that have come together to create what you’re seeing. Your logo, other images, style sheets, javascript files are among some of the external resources a webpage might use to render itself on your screen.

Are You Using Linkedin Like You Should?

Probably not. Linkedin is a valuable resource for any professional, but particularly freelancers and business owners. There is a lot to love about the social media construct, and a lot to hate; but no matter what side of the coin you fall on it is no secret that you

Adding a Fee in Woocommerce

This piggybacks off of a solution I found elsewhere. We modified it to add a single fee for products based on the taxonomy. It comes in handy to categories products and then apply this rule to that category. function action_woocommerce_checkout_calculate_fees( $cart ) { // Initialize $quantity = 0;