I have had a lucky escape with the BlogPressSEO WordPress Plugin. I have just found out it was malware! I had it installed on 3 blogs too.
I installed this plugin about a year ago. I can’t remember exactly how I came by it but I must have been convinced that it was going to help my blogs with SEO. There was a free version and a paid version but I had the free version.
Just recently I started having some problems with the text captcha plugin on this blog and I also noticed that I was getting this error text at the bottom of my blog posts.
Not Found
The requested URL /link_files/UNUP8J2AIMYF61LBCDA8-2429.hwe was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache mod_fcgid/2.3.6 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at 24365online.com Port 80
At first I thought it was a problem with the captcha plugin but then I noticed that I had the problem on all three of my blogs and I only had the captcha plugin on this blog.
So, I thought it must be a problem with my server but initially Hostgator could not find anything wrong. They were very helpful checking out plugins that caused something to appear at the end of my posts like the share plugins but I was not using the same one on all 3 blogs.
Finally, one of the Hostgator guys decided to run a malware scan on my blog and hey presto came up with the BlogPressSeo Plugin.
When I went to the plugin’s page from inside my blog I discovered that the website no longer existed. Then, through an internet search for the plugin, I discovered that internet marketers had been posting warnings about this plugin for months.
According to the posts the plugin author had included some code that allowed him to get the blog’s URL and admin email address of the blogs it was installed on. This allowed anyone who knew that to login without a password. Fortunately no damage seems to have been done to my blogs.
It seems that the plugin wasn’t doing anything for my SEO at all. It claimed to build backlinks to posts from other blogs with similar content which they say is impossible. ( I have seen some of these advertised though which I will have to investigate) .
So dear reader, I write this as a warning. It pays to do some research before downloading any WordPress Plugins unless it is on WordPress’s own free plugin site.
Bloggers were saying that the BlogPressSEO plugin would never have got onto WordPress’s plugin directory because of the code that the author included.
I have learned a lesson and had a very lucky escape. Have you had any plugin disasters? Share your experiences in the comments.
Hi Sandy
Thanks for the warning. As yet only had captcha plugin issues but that’s sorted now. Only BIG disaster I had is when I totally wiped my blog off my server – I was working when I was really tired. Luckily it was all backed up.
Make sure you back up your work regularly!
Joshua
Yes, you are right Joshua. It’s so important to back it up regularly. I had to delete the files for the plugin from one of my blogs from my hosting account as there was no delete link and the disable link did not work. I made sure that I backed everything up before I deleted the files just in case!
Sandy
Hello Sandy,
I’m sorry to hear that you had that trouble. Hopefully it’s all sorted to your satisfaction now.
Thank you so much for the warning – I shall steer well clear of that plug-in.
Best regards from Edinburgh.
Hello Hamish, thanks for your good words. One I had deleted the plugin on 2 of my blogs and disabled it on another as there was no delete link and deleted the files I was sorted. The plugin no longer exists thank goodness but my experience is a warning to others that you should not download any plugin unless you have done your research on it first if it is not from WordPress’s own plugin directory.
Sandy
Thanks for this wonderful information,now we know what to do. Thanks for the warning.