Malware Signatures

  1. Home
  2. Docs
  3. Malware Signatures
  4. php.spam-seo.remote_dor_content


Blackhat SEO is a malicious technique used to manipulate the search engine results in order to benefit a website in terms of relevance. The payload is PHP based, thus intended for server-side use and the payload is executed directly on the server, while the site is loaded. Only the payload result (such as malicious iframe, or redirect) is visible in the browser, not the malicious code itself
"Remote dorway content is a family of doorway scripts that load page content from reponte third party sites and display them on infected site on the fly. This allows hackers to be flexible with page content (don't need to change anything on hacked sites if they want to change
anything on in the pammy contern they want to serve) and to keep the injected code relatively small. and hard to detect.


Any site on a server with PHP and enabled modules and functions that can download content from remote servers, e.g. file_get_contents, curl, etc.


You need to locate the doorway code and delete it. It may be in a stand-alone file (usually referenced vi .htaccesss) or injected into one of legitimate files.
You can sign up with us and let our team remove the malware for you.