Skip to main content Screen Reader Website Version
Get a Quote
Home Web Design SEO Services ADA Compliance Hosting & Support Custom Web Applications Our Work About Blog Contact

HotOpponents Hack

We have seen this one a few times coming from WordPress but we have also seen it in Google Analytics code or simply in a header.php file. HotOpponents is a simple redirect script but really digs down and makes roots for itself throughout your website files and database.  Here’s how we got rid of it in WordPress. Of course, you can always call us and we can clean this for you!

If you’re on a shared server, ask us about dedicated server support: we get you on a super-secure dedicated server for about the same cost as an insecure, slow, shared server (most common setup).

  1. Locate your wp-config.php file and note the database name.
  2. Open PHPMyAdmin and locate the database.
  3. Open SQL Statements and insert the following

    Remember to replace your table prefix here with the one in your database.
    Also, take notice of the GET variables in the URL, sometimes the tp=2 is different. We’ve seen zzz=3 and jp=88
  4.  That should remove the hotopponents script from your database.
  5. Replace ALL wordpress files with a clean version
  6. Next, log in via FTP and quarantine your plugins and theme files.
    1. download all files and search for malware manually – in obvious spots – header.php, index, etc…
    2. Scan your site with https://sitecheck.sucuri.net/ 
    3. Remove any malware. Many times it’s just better to flush plugins and reinstall them all, then just overwrite your theme files with the latest version or a backup.
  7. Download and install WordFence and do a site scan
  8. Finally, update all your passwords (account, (S)FTP, WordPress)
  9. Backup your site.

Nasty little hack/redirect script from some ridiculously infantile folks.

 

More Web Design Blog Content

Add YARPP to Custom Post Types: WordPress

A great little plugin for adding related posts to your blog has been around for a while: YARPP, Yet Another Related Posts Plugin. It’s fairly robust, for being free, but it does not natively support custom post types – a bummer. A quick way around this is to

Choosing The Right Domain

Finding the right domain can be a arduous process. That is, unless of course you are lucky enough to find your business name in the exact form you desire. More often than not, obtaining a great domain takes a lot f time, mental energy and cautious anxiety. Will

Firefox is dead to me

That happened a long time back. Now it seems that the once beloved browser is now in the same situation with the majority of its former users. I personally feel that the browser lost its roots in version 12, but it was showing signs of becoming yesterdays news

Using Zapier and ChatGPT

Here are some powerful and practical Zapier + ChatGPT workflow ideas across a variety of use cases — ideal for small businesses looking to automate content creation, customer service, and lead handling: ✉️ 1. Auto-Reply to Form Submissions with Personalized Emails Trigger: New form submission via Webflow, Typeform,

Haile’s Angels Pet Rescue has a New Website

Customized WP theme – a great choice for a great organization. Haile’s Angels continues to do some great work in our community focusing on our four legged friends. They take in a good number of pets each month and try to find them forever homes. As a no-kill

Project Gutenburg

Every heard of it? If not, make sure to check it out. They have tons of books online, free for anybody. Our favorite? A Connecticut Yankee in King Arthur’s Court by Mark Twain http://www.gutenberg.org/ebooks/86 Got a smartphone? Just download a free e-reader and you’re all set. Download the