Adsense code gets injected in functions.php

Home Forums Weaver Xtreme Theme Adsense code gets injected in functions.php

Topic Resolution: Resolved
Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • June 6, 2020 at 04:55 UTC - Views: 16 #64634
    GeorgeW
    Participant

    Hello – hope you’re well.

    Today, I looked at my site and I see a Google Adsense is injected on several pages.

    Screenshot:

    https://imagehost.imageupload.net/2020/06/06/hsm-ta-adsense.png

    I looked at the html and found this code:

    <div style="width: 100%; height: auto; clear: both;
    text-align: center;" class="google-auto-placed"><ins
    style="display: block; margin: 10px auto; background-color: transparent;
    height: 280px;" data-ad-format="auto" class="adsbygoogle
    adsbygoogle-noablate"
    data-ad-client="ca-pub-7633203349084118"></ins>

    After using the “String Locator” plugin, I found the code comes from the Weaver Xtreme theme functions.php file.

    Here’s the exact code in the theme:

     

    <hr />

     

    }

    add_action(‘wp_head’, ‘google_ads_george’);

    function google_ads_george() {
    ?>
    <script data-ad-client=”ca-pub-7633203349084118″ async src=”https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js”></script&gt;
    <?php
    }

    // THE END OF functions.php
    ?>

     

    <hr />

    I tried removing parts of the code, but then the entire site goes down.

    Also, via cPanel, I found a file named “ads.txt” in the root of my domain, with the following code:

    google.com, pub-7633203349084118, DIRECT, f08c47fec0942fa0

    My questions:

    1.  Any idea how could any of that code have ended up there? I don’t remember adding it there. It’s weird the code is called “google_ads_george” (My name is George).
    2. What part of it can I remove so the issue goes away without my site going down?

    Lover the Weaver theme btw!

    Thanks!

    George

    June 7, 2020 at 01:01 UTC - Views: 8 #64637
    Weaver
    Keymaster

    If you have ever modified any code in the theme without creating a child theme, then you did it the wrong way. If you need to modify anything in the theme (for example, anything in the theme’s own functions.php file), then the ONLY way to do this safely and in a way that will still work with future updates to the theme is to build a child theme.

    So, if your plugin is REALLY finding those lines in functions.php, it seems your site may have been hacked. Hacks that change theme files must “live” somewhere on your sites file system. The Wordfence plugin can usually find such code.

    But the easiest way for an immediate fix would be to temporarily change to any other theme, delete Weaver Xtreme, then reload and activate Weaver Xtreme from the WP site. That will replace any changes made to the theme. The problem is is if there is a hack, then it may go ahead and rehack the theme’s files – thus you need to check your site with Wordfence.

    June 7, 2020 at 04:50 UTC - Views: 5 #64638
    GeorgeW
    Participant

    Hi, Bruce!

    I agree with you. All theme tweaks we make on all our sites always happen via a child theme or with a separate “snippet” code.

    I have followed your recommendations and everything works great now.

    I really appreciate your help.

    Thanks!

    George

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.