Asking for a friend.
WordPress site currently has hidden Viagra links injected into it and migrating to Ghost is being evaluated.
I ran a WordPress export and searched for Viagra and the links aren’t in the export, so they must be injected dynamically by a plugin or something and not in the actual content.
But is there a recommended way to scan the export for other malicious content? Does Ghost(Pro) scan for malicious content? Or is this usually not a problem because the malicious code is injected by plugins and not stored in the post bodies?
I’d consider the possibility of obfuscated JavaScript in post bodies. That might import.
AFAIK, the assumption in the editor is that all roles are trusted.
Thanks @Cathy_Sarisky.
I searched for ‘<script’ and didn’t find any in post bodies, but there are a bunch in the export with a structure like this:
<wp:postmeta>
<wp:meta_key><![CDATA[_oembed_a36dbd193adbef62fcf6ed086adfbbbe]]></wp:meta_key>
<wp:meta_value><![CDATA[MALICIOUS IFRAME GOES HERE]]></wp:meta_value>
</wp:postmeta>
I’m not sure how these would be imported, but maybe I’m barking up the wrong tree here and should be using the official Ghost Migrator plugin instead.
But that solution doesn’t support custom fields or shortcodes or taxonomies, all of which this site uses.
I’m hoping to eventually help them to put together an RFQ for a consultant to help, but I’m trying to help define and narrow the scope of work where I can.
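A scanner for the situation described above, added here as an example rather than code from the thread or from Ghost's tooling: it parses a WXR export and flags <script>, <iframe>, inline event handlers, eval-style calls and hidden-element styles in both post bodies and every postmeta value, so the _oembed_ cache rows quoted above would surface. The namespace URIs are the standard WXR ones; the two-post sample export and its `_oembed_0000` key are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Namespaces the WordPress exporter declares on a WXR file.
NS = {"wp": "http://wordpress.org/export/1.2/",
      "content": "http://purl.org/rss/1.0/modules/content/"}

# Markup a migration should never carry across without a human looking at it.
SUSPICIOUS = {
    "script_tag": re.compile(r"<\s*script\b", re.I),
    "iframe_tag": re.compile(r"<\s*iframe\b", re.I),
    "event_handler": re.compile(r"\bon[a-z]+\s*=", re.I),
    "js_eval": re.compile(r"\b(eval|unescape|atob)\s*\(", re.I),
    "hidden_style": re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden|text-indent\s*:\s*-\d", re.I),
}


def scan_text(text):
    """Names of SUSPICIOUS patterns present in text (empty list if clean)."""
    return [name for name, rx in SUSPICIOUS.items() if text and rx.search(text)]


def scan_wxr(xml_text):
    """Return (post title, location, [pattern names]) for every flagged field.
    Both content:encoded and each wp:postmeta value are checked: the _oembed_*
    rows quoted in the thread live in postmeta, not in the post body."""
    findings = []
    for item in ET.fromstring(xml_text).iter("item"):
        title = (item.findtext("title") or "").strip()
        hits = scan_text(item.findtext("content:encoded", "", NS))
        if hits:
            findings.append((title, "content:encoded", hits))
        for meta in item.findall("wp:postmeta", NS):
            key = meta.findtext("wp:meta_key", "", NS)
            hits = scan_text(meta.findtext("wp:meta_value", "", NS))
            if hits:
                findings.append((title, "postmeta:" + key, hits))
    return findings


# Constructed two-post export: one clean, one with a poisoned _oembed_ cache row.
SAMPLE_WXR = """<rss version="2.0" xmlns:wp="http://wordpress.org/export/1.2/"
 xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel>
<item><title>Clean post</title><content:encoded><![CDATA[<p>Hello</p>]]></content:encoded>
<wp:postmeta><wp:meta_key>_edit_last</wp:meta_key><wp:meta_value>1</wp:meta_value></wp:postmeta></item>
<item><title>Poisoned post</title><content:encoded><![CDATA[<p>Fine text</p>]]></content:encoded>
<wp:postmeta><wp:meta_key><![CDATA[_oembed_0000]]></wp:meta_key><wp:meta_value><![CDATA[
<iframe src="https://example.invalid/x" style="display:none"></iframe>]]></wp:meta_value></wp:postmeta></item>
</channel></rss>"""
```

Run `scan_wxr()` over the real export file's contents and review every flagged field by hand; a hit is a lead to inspect, not proof of compromise, since legitimate embeds also use iframes.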
Install Wordfence on the site and run it. (It’s the best WordPress security plugin, in my experience.)
Also, the Wordfence folks can do a repair on the site for a fee.
https://www.wordfence.com
Thanks, I’ll give that a try.
WordPress used to be so good before they let all crap run free to install…
I believe you got some great tips already but you could [should] also uninstall your plugins before running an export.
There are 50 plugins installed.
And how would uninstalling them help the export? If they added custom fields or shortcodes, which some did, those will remain in the database I believe.