Title: Buy Online (basicpills.com
Last modified: August 19, 2016

---

# Buy Online (basicpills.com

 *  [alsmith](https://wordpress.org/support/users/alsmith/)
 * (@alsmith)
 * [15 years, 2 months ago](https://wordpress.org/support/topic/buy-online-basicpillscom/)
 * I’ve seen posts get rewritten without the admin making the changes. the posts
   look normal until you check closer and you see links to basicpills.com and more
   inside them.
 * I’ve put a .htaccess in the wp-admin to prevent anyone from accessing the admin
   but it happened again.
 * This hack is rewriting the post without access.
    How are they doing this?

Viewing 3 replies - 1 through 3 (of 3 total)

 *  [esmi](https://wordpress.org/support/users/esmi/)
 * (@esmi)
 * [15 years, 2 months ago](https://wordpress.org/support/topic/buy-online-basicpillscom/#post-1991913)
 * [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked)
   
   [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779)
   [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/)
   [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/)
 *  Thread Starter [alsmith](https://wordpress.org/support/users/alsmith/)
 * (@alsmith)
 * [15 years, 2 months ago](https://wordpress.org/support/topic/buy-online-basicpillscom/#post-1991919)
 * these are the same post links I have already implemented and still the issue 
   exists.
 *  [whitefirdesign](https://wordpress.org/support/users/whitefirdesign/)
 * (@whitefirdesign)
 * [15 years, 2 months ago](https://wordpress.org/support/topic/buy-online-basicpillscom/#post-1992038)
 * From what we were told by a hosting provider, the hacker is getting access to
   the websites through an exploited web server. Once access to the web server is
   gained it is possible for the hacker to read the website’s files and then modify
   databases.
 * Your hosting provider will need to find and fix what is allowing the web server
   to be exploited to prevent this from being able to happen again. If they are 
   not willing to do that, you should find a new hosting provider.
 * We have additional information in our [blog post](http://www.whitefirdesign.com/blog/2011/03/17/how-the-basicpills-com-spam-links-are-getting-into-websites/)
   about the issue.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Buy Online (basicpills.com’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 3 replies
 * 3 participants
 * Last reply from: [whitefirdesign](https://wordpress.org/support/users/whitefirdesign/)
 * Last activity: [15 years, 2 months ago](https://wordpress.org/support/topic/buy-online-basicpillscom/#post-1992038)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics