Jul 20 2009
This Blog’s RSS Feed Is Being Hijacked
When I use RSS aggregator to read my own blog, there is always some spam messages around. It started about a couple of month ago. If I set the feed option to display whole text, then the spam message has a link to a “imaginaria.com.ar” site (Argentinian?) If I set the feed option to display only the summary, then the spam appears on the first message that doesn’t have an “excerpt” field.
Update: actually, only Google Reader and My Yahoo! … Client programs don’t seem to have this problem, or when I just type in http://wuyibing.com/feed directly on my browser.
It is driving me crazy now. WordPress is nice. But like all nice things, it is so only when it is working.
Latest: solution found – (see also http://wordpress.org/support/topic/282365?replies=3)
Read the newer postings in http://groups.google.com/group/google-reader-troubleshoot/browse_thread/thread/39a7eef288c65dd0.
Search for comments from the users “Today I read … something” and “John Wennerberg”.
In short, here is what you need to do:
1. Find a database client and use it to connect to your WP database directly. If you do not know how to do this, ask your ISP for help.
2. Search in the wp_options table and delete rows whose “optiona_name” field looks like: rss_[a long hex number] (some with _ts suffix)
3. Search in the wp_users table, if you find a suspicious user (e.g. url is www.com or email you don’t recognize), delete it
Also, I would not search or try a plugin unless I know for sure it is safe. It looks like plugin is a backdoor for unauthorized content to sneak into the system.
I would also disallow anyone to register with the site.
Many thanks to the contributors on the Google Group thread.