Jump to content


Photo

Google Ads


  • Please log in to reply
16 replies to this topic

#1 xplanes

xplanes

    New To The Neighborhood

  • Members
  • Pip
  • 17 posts

Posted 21 August 2009 - 03:34 PM

Hello,

How and why were google adds added to our website?

Is there some kind of opt-out, or billing issue that would have someone do that without our knowledge or permission?

Thanks,

Lou

#2 TCH-Bruce

TCH-Bruce

    Volunteer Moderator

  • Members
  • PipPipPipPip
  • 19,960 posts

Posted 21 August 2009 - 05:28 PM

What do yo mean? TCH does nothing with your websites. You are in total control of the content of your web space so if ads started showing up without your adding them I would be investigating what software you have installed.

Bruce Richards
Forum Moderator
TotalChoice Hosting, Inc.
Webhosting by Total Choice Web Hosting - General Support Forum

I am a Forum Moderator. While I can assist in answering most of your hosting related questions, I am unable to answer questions about specifics relating to your account such as billing and server related issues. Should you need assistance in these areas, please contact our Help Desk or our many other options. Another good place to find answers is with our help pages, tutorials and movie tutorials.


#3 BrandonOK

BrandonOK
  • Members
  • 4 posts

Posted 26 August 2009 - 07:15 PM

Wow, this just happened to me, too. Yesterday (according to the date-modified) a file was changed in my Wordpress folder adding a google ad to the front page. I just deleted it, but I have no idea how to keep it from happening again. Any ideas, TCH staff?

Was added to the sidebar.php file in my currently-active theme folder.

Ad variables:
google_ad_client = "pub-0319448003450856";
google_ad_slot = "0064722809";
google_ad_width = 160;
google_ad_height = 600;

Permissions on that file were set to 644 (read/write owner, read others).

I've just changed my user password on wordpress and my main account password on totalchoice.

Weird. If it happens again, I will update.

#4 xplanes

xplanes

    New To The Neighborhood

  • Members
  • Pip
  • 17 posts

Posted 26 August 2009 - 08:48 PM

I have a wordpress blog that we started and never used. I had removed the link from our website but left it installed in case I wanted to mess with it again. It would appear someone has found a way to setup an admin account without any notifications going out. I removed the wordpress install with fantastico and changed our password. So far no more issues.

#5 TCH-Thomas

TCH-Thomas

    Volunteer Moderator

  • Members
  • PipPipPipPip
  • 14,908 posts

Posted 27 August 2009 - 01:35 AM

Welcome to the forum, BrandonOK. :)

Having a strong password for everything needing a password, making files and folders as protected as possible (permissions), keeping scripts etc up to date (and secure) and removing things not needed are the most basic things we all need to do to keep the bad guys out.

And also, if you suspect that your account have been compromised, submit a ticket with the help desk and the techs will investigate it.

Thomas Jikrantz
Forum Moderator
TotalChoice Hosting, Inc.

Any links or suggestions for third party software/sites should be used at your own risk. My opinions and recommendations are not necessary those of TCH and TCH is not responsible.

As a Forum Moderator I can assist in answering many of your hosting related questions. However, I am unable to answer questions about specifics relating to your account such as billing and server related issues. Should you need assistance in these areas, please contact our Help Desk or our many other options. Another good place to find answers is with our help pages, tutorials and movie tutorials.
Web Hosting by Total Choice Web Hosting - 24/7 Help Desk


#6 TCH-Bruce

TCH-Bruce

    Volunteer Moderator

  • Members
  • PipPipPipPip
  • 19,960 posts

Posted 27 August 2009 - 06:56 AM

Welcome to the forum BrandonOK :)

May I ask what plugins you have installed and what theme you are using? That question is for both users.

Also what version of Wordpress was/is it?

Bruce Richards
Forum Moderator
TotalChoice Hosting, Inc.
Webhosting by Total Choice Web Hosting - General Support Forum

I am a Forum Moderator. While I can assist in answering most of your hosting related questions, I am unable to answer questions about specifics relating to your account such as billing and server related issues. Should you need assistance in these areas, please contact our Help Desk or our many other options. Another good place to find answers is with our help pages, tutorials and movie tutorials.


#7 BrandonOK

BrandonOK
  • Members
  • 4 posts

Posted 27 August 2009 - 08:53 AM

Welcome to the forum BrandonOK :)

May I ask what plugins you have installed and what theme you are using? That question is for both users.

Also what version of Wordpress was/is it?


It's Wordpress 2.8.4. The attack (it was actually pretty minor to call an "attack") probably came after I updated from 2.8.1, must've been a week or two ago. I had the default "hello dolly" and "akismet" plugins, both inactive, but deleted yesterday when I was changing passwords. Still got & using:
Defensio Anti-Spam 2.03
Simple Tags 1.6.6
Wordpress Database Backup 2.2.2

The theme is called Almost Spring, which I've modified a bit (a color here, a margin width there).

Installed here: http://deeperintomovies.net/journal/
The only admin user is/was myself.

I've never properly understood file permissions. If a file is everybody-writeable (666 or 777), who can write to it? Everybody with FTP access to totalchoice? Everybody with FTP access to my specific account? Or everybody on the entire internet? Maybe I need to scour my install for permissions problems... I'll bet there are a few. Weird that the changed file was 664 at the time, though.

And thanks for the welcome - I've actually been on the forums before but my account must've expired. 4-ish-year totalchoice member and still loving it here.

Edited by BrandonOK, 27 August 2009 - 08:54 AM.


#8 TCH-Thomas

TCH-Thomas

    Volunteer Moderator

  • Members
  • PipPipPipPip
  • 14,908 posts

Posted 27 August 2009 - 09:22 AM

I´ve never heard of that theme before so I googled a bit and it seems that the theme is already prepared to show google ads, which would make it easy for either a bad guy to enable or for anyone to forget to disable if enabled by default.
Why I say the latter part is because I once accidently installed a theme that had ads with customer id and the whole thing already in place. My ad blocker did it´s job to not let me see it and I therefor did not know until someone asked me about it.

Thomas Jikrantz
Forum Moderator
TotalChoice Hosting, Inc.

Any links or suggestions for third party software/sites should be used at your own risk. My opinions and recommendations are not necessary those of TCH and TCH is not responsible.

As a Forum Moderator I can assist in answering many of your hosting related questions. However, I am unable to answer questions about specifics relating to your account such as billing and server related issues. Should you need assistance in these areas, please contact our Help Desk or our many other options. Another good place to find answers is with our help pages, tutorials and movie tutorials.
Web Hosting by Total Choice Web Hosting - 24/7 Help Desk


#9 TCH-Dick

TCH-Dick

    General Manager

  • Admins
  • PipPipPipPip
  • 5,786 posts

Posted 27 August 2009 - 10:53 AM

You can always report unauthorized code to Google at https://www.google.c...authorized_code

Dick DeVance
General Manager
TotalChoice Hosting, Inc
dick@totalchoicehosting.com


Posted Image


#10 xplanes

xplanes

    New To The Neighborhood

  • Members
  • Pip
  • 17 posts

Posted 27 August 2009 - 05:36 PM

Silly question, but why would someone go through the trouble to put Google ads on someone Else's website? The ads I saw were local businesses doing similar types of work.


BTW, I made our website. No themes. I used Fantastico to install a photo album, classifieds, and the wordpress blog. They went in and edited my includes files so i will be looking at the permissions there.

http://kitplanesnorthwest.com

Edited by xplanes, 27 August 2009 - 05:40 PM.


#11 TCH-Bruce

TCH-Bruce

    Volunteer Moderator

  • Members
  • PipPipPipPip
  • 19,960 posts

Posted 27 August 2009 - 07:29 PM

The ads make people money. If you didn't put them there then I would be opening a ticket with the help desk and have the techs take a look. I would also have them check the logs to see where logins to your site are coming from.

Bruce Richards
Forum Moderator
TotalChoice Hosting, Inc.
Webhosting by Total Choice Web Hosting - General Support Forum

I am a Forum Moderator. While I can assist in answering most of your hosting related questions, I am unable to answer questions about specifics relating to your account such as billing and server related issues. Should you need assistance in these areas, please contact our Help Desk or our many other options. Another good place to find answers is with our help pages, tutorials and movie tutorials.


#12 xplanes

xplanes

    New To The Neighborhood

  • Members
  • Pip
  • 17 posts

Posted 27 August 2009 - 11:53 PM

I did open a ticket the same time I started this topic. They saved a log for me but it only contained my logins to fix the website.

#13 BrandonOK

BrandonOK
  • Members
  • 4 posts

Posted 28 August 2009 - 10:37 AM

You can always report unauthorized code to Google at https://www.google.c...authorized_code


Ah, I will do that. Checking the login logs is also a good idea. Thanks you guys - disasters hopefully averted for now.

#14 SteveW

SteveW

    Distant Family

  • Members
  • PipPipPip
  • 129 posts

Posted 28 August 2009 - 05:48 PM

The google_ad_client is the unique AdSense publisher ID of the person who will be paid for clicks on those ads, so it's a major clue.

Check for security advisories about all the programs you use (photo album, classifieds, and the wordpress blog), and their plug-ins, at Secunia. Here is the one for Noah's Classifieds, in case that's what you're using: http://secunia.com/a...task=advisories

If a file is everybody-writeable (666 or 777), it means that any PHP script running on any site on your shared server can potentially access it without having to supply a userID or password. I suspect it also means that it's accessible by FTP, and telnet/SSH (if I'm using those terms correctly), but in those cases they would first need the userID/password.

If the changed file was 664, it was probably modified by a PHP script running on your site. While technically possible that the script was running on some other site on your server, it is rare.

(it was actually pretty minor to call an "attack")

It's still serious, though. If they can modify one file, they can modify, or delete, the entire site.

WordPress at Secunia. Yet another vulnerability in the past few days:
http://secunia.com/a...earch=wordpress

#15 zdrayson

zdrayson
  • Members
  • 2 posts

Posted 06 October 2011 - 01:06 AM

It could be apart of the theme that you purchased. Many themes now come with a space for Google Ads. There is usually apart in the dashboard panel for you to add your own google ads code or to turn them off.

#16 jackmarknow

jackmarknow
  • Members
  • 3 posts

Posted 10 January 2013 - 03:40 AM

What do yo mean?



#17 mkdesigner

mkdesigner

    Family Friend

  • Members
  • PipPip
  • 34 posts

Posted 03 March 2013 - 08:38 PM

I've heard of this happening with folks who do any sort of Google transaction/signup thing.  My blog on blogspot suddenly had google ads the day after I signed up for Google Shopping thru Bonanza.  I've not cancelled it yet, since I made several sales directly thru that before I had to put my booth on vacation for personal reasons.  I may just leave it there if sales continue once I activate the booth again later this month. LOL   :)

 

Marge


<!--fonto:Georgia--><span style="font-family:Georgia"><!--/fonto--><!--sizeo:3--><span style="font-size:12pt;line-height:100%"><!--/sizeo-->
<i><!--coloro:#4169E1--><span style="color:#4169E1"><!--/coloro--><b>Marge in Sparks, NV</b><!--colorc--></span><!--/colorc--></i>
<a href="http://www.mkdesigner.com" target="_blank">MKDesigner</a><!--fontc--></span><!--/fontc--><!--sizec--></span><!--/sizec-->




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users