Title: i.simpli.fi script harmful?
Last modified: August 22, 2016

---

# i.simpli.fi script harmful?

 *  Resolved [Uthar](https://wordpress.org/support/users/uthar/)
 * (@uthar)
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/)
 * Today I noticed the following script was added on my site. No idea how long it
   has been there. I noticed it by chance when I was trying to get a plugin working.
   The script is at the bottom of every page.
 * `<script src="http://i.simpli.fi/p?cid=21707&cb=dpx_545392._hp"></script>`
 * Things I have tried so far:
    -Disabled all plugins -Changed wordpress theme -
   Visited website from other pc
 * So far it seems it is not caused by malware on my pc. Because it is still there
   when I visit my site from another pc. Also both virus and malware scanner found
   nothing on my pc.
 * Anyone an idea if this script is actually harmful? And if so how can I remove
   it?

Viewing 14 replies - 1 through 14 (of 14 total)

 *  Moderator [James Huff](https://wordpress.org/support/users/macmanx/)
 * (@macmanx)
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786709)
 * It looks like that script injects ads.
 * Remain calm and carefully follow [this guide](https://codex.wordpress.org/FAQ_My_site_was_hacked).
   When you’re done, you may want to implement some (if not all) of [the recommended security measures](https://codex.wordpress.org/Hardening_WordPress).
 *  Thread Starter [Uthar](https://wordpress.org/support/users/uthar/)
 * (@uthar)
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786742)
 * So far all files seems to be clean and the following security plugins are not
   able to find anything:
 * Sucuri Security – Auditing, Malware Scanner and Hardening
    Quttera Web Malware
   Scanner Asgard Security Scanner
 * No idea where that script is coming from.
 *  Moderator [James Huff](https://wordpress.org/support/users/macmanx/)
 * (@macmanx)
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786752)
 * Check WordPress’s main `index.php` file (not your theme’s `index.php` file).
 *  Thread Starter [Uthar](https://wordpress.org/support/users/uthar/)
 * (@uthar)
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786764)
 * That one looks fine:
 *     ```
       <?php
       /**
        * Front to the WordPress application. This file doesn't do anything, but loads
        * wp-blog-header.php which does and tells WordPress to load the theme.
        *
        * @package WordPress
        */
   
       /**
        * Tells WordPress to load the WordPress theme and output it.
        *
        * @var bool
        */
       define('WP_USE_THEMES', true);
   
       /** Loads the WordPress Environment and Template */
       require( dirname( __FILE__ ) . '/wp-blog-header.php' );
       ```
   
 *  Moderator [James Huff](https://wordpress.org/support/users/macmanx/)
 * (@macmanx)
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786766)
 * Ok, try deactivating all plugins. If that resolves the issue, reactivate each
   one individually until you find the cause.
 * If that does not resolve the issue, try switching to the Twenty Fifteen theme
   to rule-out a theme-specific issue.
 *  Thread Starter [Uthar](https://wordpress.org/support/users/uthar/)
 * (@uthar)
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786806)
 * Thanks for your help so far James. But the plugins and theme were the first two
   things I tried (as stated in my first post.)
 * Another thing I tried was downloading all my data from the website and searching
   through all the files for the text “simpli.fi” using notepad++. But that also
   gave no results.
 *  [Andrew Nevins](https://wordpress.org/support/users/anevins/)
 * (@anevins)
 * WCLDN 2018 Contributor | Volunteer support
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786807)
 * Whereabouts in the source code is this code being injected?
 *  Thread Starter [Uthar](https://wordpress.org/support/users/uthar/)
 * (@uthar)
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786809)
 * At the bottom of my page, see screenshot below:
    [http://oi61.tinypic.com/25fli8h.jpg](http://oi61.tinypic.com/25fli8h.jpg)
 * Also you can find my blog at bots.uthar.nl if that may help in finding this problem.
 *  Thread Starter [Uthar](https://wordpress.org/support/users/uthar/)
 * (@uthar)
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786816)
 * I finally found it. A widget to show visitor information from [http://whos.amung.us](http://whos.amung.us)
   was adding the script.
 *  [Andrew Nevins](https://wordpress.org/support/users/anevins/)
 * (@anevins)
 * WCLDN 2018 Contributor | Volunteer support
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786817)
 * Great, nice work!
 *  Moderator [James Huff](https://wordpress.org/support/users/macmanx/)
 * (@macmanx)
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786865)
 * I’m glad it’s fixed now. 🙂
 *  Thread Starter [Uthar](https://wordpress.org/support/users/uthar/)
 * (@uthar)
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786890)
 * Just for future reference and additional information for users with a similar
   problem. I contacted whos.amung.us and got this reply:
 * >  Simpli.fi is not malware, it is a data categorization service used via one
   > of our partners that we will be using to provide more insight into our users
   > audiences via new stats we are going to provide.
   > You can of course prevent any third party services from being used via our 
   > services by adding the following javascript before the widget code:
   >  <script
   > type=”text/javascript> var _wau_opt = {‘fbase’: 1}; </script> This will limit
   > some aspects of our stats pages (what is being copied) however everything else
   > will run as expected still.
   > Hope this helps.
 * So simpli.fi itself is safe, although it gathers some data.
 * Finally simpli.fi is present in a number of malware infected sites that add ads,
   I assume those harmful scripts only use simpli.fi to make their ads better target
   the audience.
 * Now it is for yourself to decide whether or not you want to get rid of the simpli.
   fi script.
 *  Moderator [James Huff](https://wordpress.org/support/users/macmanx/)
 * (@macmanx)
 * [11 years, 3 months ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5786891)
 * Thanks for sharing that!
 *  [hammadkazmi](https://wordpress.org/support/users/hammadkazmi/)
 * (@hammadkazmi)
 * [11 years ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5787087)
 * Thanks buddy it solved my problem on [http://www.pcgan.com](http://www.pcgan.com)

Viewing 14 replies - 1 through 14 (of 14 total)

The topic ‘i.simpli.fi script harmful?’ is closed to new replies.

## Tags

 * [script](https://wordpress.org/support/topic-tag/script/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 14 replies
 * 4 participants
 * Last reply from: [hammadkazmi](https://wordpress.org/support/users/hammadkazmi/)
 * Last activity: [11 years ago](https://wordpress.org/support/topic/isimplifi-script-harmful/#post-5787087)
 * Status: resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics