I’m dealing with a brutal website security mess across several small WordPress sites, and I’m trying to compare notes with others who manage hosting accounts, WordPress installs, cPanel-style environments, or Google Search Console properties.
The pattern is ugly: under-the-hood malware, fake AMP pages, Google Search Console “AMP page domain mismatch” warnings, surprise ownership verification attempts, changed index.php files, rewritten robots.txt files, strange PHP loaders, and remote scripts aimed mostly at search bots rather than normal visitors.
I am not claiming I know the root cause yet. It could be compromised WordPress installs, bad plugins, stolen credentials, web shells, hosting-layer exposure, or something farther upstream. But the symptoms are repeating across enough places that I want to ask plainly:
Are other webmasters seeing this too?
Especially:
- Fake AMP pages tied to domains you control
- Google Search Console ownership you did not add
- index.php files altered to serve different content to Googlebot
- robots.txt or sitemap files rewritten
- PHP files calling strange outside domains
- Malware recurring after local cleanup
Security people often do not want to discuss details in public, and I respect that. But if you are seeing similar patterns, I’d like to compare notes privately.
This is the kind of thing that makes you want to scream because the public-facing site may look normal while the damage is happening underneath.
Photo from a past CodeFest event -- where we won an award. I'm on the far left.
Posts
No comments:
Post a Comment