Jump to content
xplanes

Google Ads

Recommended Posts

Hello,

 

How and why were google adds added to our website?

 

Is there some kind of opt-out, or billing issue that would have someone do that without our knowledge or permission?

 

Thanks,

 

Lou

Share this post


Link to post
Share on other sites

What do yo mean? TCH does nothing with your websites. You are in total control of the content of your web space so if ads started showing up without your adding them I would be investigating what software you have installed.

Share this post


Link to post
Share on other sites

Wow, this just happened to me, too. Yesterday (according to the date-modified) a file was changed in my Wordpress folder adding a google ad to the front page. I just deleted it, but I have no idea how to keep it from happening again. Any ideas, TCH staff?

 

Was added to the sidebar.php file in my currently-active theme folder.

 

Ad variables:

google_ad_client = "pub-0319448003450856";

google_ad_slot = "0064722809";

google_ad_width = 160;

google_ad_height = 600;

 

Permissions on that file were set to 644 (read/write owner, read others).

 

I've just changed my user password on wordpress and my main account password on totalchoice.

 

Weird. If it happens again, I will update.

Share this post


Link to post
Share on other sites

I have a wordpress blog that we started and never used. I had removed the link from our website but left it installed in case I wanted to mess with it again. It would appear someone has found a way to setup an admin account without any notifications going out. I removed the wordpress install with fantastico and changed our password. So far no more issues.

Share this post


Link to post
Share on other sites

Welcome to the forum, BrandonOK. :)

 

Having a strong password for everything needing a password, making files and folders as protected as possible (permissions), keeping scripts etc up to date (and secure) and removing things not needed are the most basic things we all need to do to keep the bad guys out.

 

And also, if you suspect that your account have been compromised, submit a ticket with the help desk and the techs will investigate it.

Share this post


Link to post
Share on other sites

Welcome to the forum BrandonOK :)

 

May I ask what plugins you have installed and what theme you are using? That question is for both users.

 

Also what version of Wordpress was/is it?

Share this post


Link to post
Share on other sites

Welcome to the forum BrandonOK :)

 

May I ask what plugins you have installed and what theme you are using? That question is for both users.

 

Also what version of Wordpress was/is it?

 

It's Wordpress 2.8.4. The attack (it was actually pretty minor to call an "attack") probably came after I updated from 2.8.1, must've been a week or two ago. I had the default "hello dolly" and "akismet" plugins, both inactive, but deleted yesterday when I was changing passwords. Still got & using:

Defensio Anti-Spam 2.03

Simple Tags 1.6.6

Wordpress Database Backup 2.2.2

 

The theme is called Almost Spring, which I've modified a bit (a color here, a margin width there).

 

Installed here: http://deeperintomovies.net/journal/

The only admin user is/was myself.

 

I've never properly understood file permissions. If a file is everybody-writeable (666 or 777), who can write to it? Everybody with FTP access to totalchoice? Everybody with FTP access to my specific account? Or everybody on the entire internet? Maybe I need to scour my install for permissions problems... I'll bet there are a few. Weird that the changed file was 664 at the time, though.

 

And thanks for the welcome - I've actually been on the forums before but my account must've expired. 4-ish-year totalchoice member and still loving it here.

Edited by BrandonOK

Share this post


Link to post
Share on other sites

I´ve never heard of that theme before so I googled a bit and it seems that the theme is already prepared to show google ads, which would make it easy for either a bad guy to enable or for anyone to forget to disable if enabled by default.

Why I say the latter part is because I once accidently installed a theme that had ads with customer id and the whole thing already in place. My ad blocker did it´s job to not let me see it and I therefor did not know until someone asked me about it.

Share this post


Link to post
Share on other sites

Silly question, but why would someone go through the trouble to put Google ads on someone Else's website? The ads I saw were local businesses doing similar types of work.

 

 

BTW, I made our website. No themes. I used Fantastico to install a photo album, classifieds, and the wordpress blog. They went in and edited my includes files so i will be looking at the permissions there.

 

http://kitplanesnorthwest.com

Edited by xplanes

Share this post


Link to post
Share on other sites

The ads make people money. If you didn't put them there then I would be opening a ticket with the help desk and have the techs take a look. I would also have them check the logs to see where logins to your site are coming from.

Share this post


Link to post
Share on other sites

I did open a ticket the same time I started this topic. They saved a log for me but it only contained my logins to fix the website.

Share this post


Link to post
Share on other sites

The google_ad_client is the unique AdSense publisher ID of the person who will be paid for clicks on those ads, so it's a major clue.

 

Check for security advisories about all the programs you use (photo album, classifieds, and the wordpress blog), and their plug-ins, at Secunia. Here is the one for Noah's Classifieds, in case that's what you're using: http://secunia.com/advisories/product/5705/?task=advisories

 

If a file is everybody-writeable (666 or 777), it means that any PHP script running on any site on your shared server can potentially access it without having to supply a userID or password. I suspect it also means that it's accessible by FTP, and telnet/SSH (if I'm using those terms correctly), but in those cases they would first need the userID/password.

 

If the changed file was 664, it was probably modified by a PHP script running on your site. While technically possible that the script was running on some other site on your server, it is rare.

 

(it was actually pretty minor to call an "attack")

It's still serious, though. If they can modify one file, they can modify, or delete, the entire site.

 

WordPress at Secunia. Yet another vulnerability in the past few days:

http://secunia.com/advisories/search/?search=wordpress

Share this post


Link to post
Share on other sites

It could be apart of the theme that you purchased. Many themes now come with a space for Google Ads. There is usually apart in the dashboard panel for you to add your own google ads code or to turn them off.

Share this post


Link to post
Share on other sites

I've heard of this happening with folks who do any sort of Google transaction/signup thing. My blog on blogspot suddenly had google ads the day after I signed up for Google Shopping thru Bonanza. I've not cancelled it yet, since I made several sales directly thru that before I had to put my booth on vacation for personal reasons. I may just leave it there if sales continue once I activate the booth again later this month. LOL :)

 

Marge

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×