Currently, there is no way to use the Regex filter to capture “Everything” is not allowed in Microsoft 365 environment. This is by design.
A bit annoying when you want to tag a sensitivity label to all files
Recently a wordpress site had multiple SQL injections into the content randomly throughout the 100 or so blog posts as per right. These included generic keywords such as :
The sites it linked to where :
http://masagro.mx/index.php/en/payday-loans-in-goldsboro-nc
http://simlesa.cimmyt.org/index.php/payday-loans-indiana
http://www.redclara.net/generic-viagra-us/
http://greatvines.com/cialis-online-fda
http://www.crackunit2.com/purchase-cheap-levitra/Going through these with Search and Replace plugin was going to take ages , so I tried to look for a regex script. I can across the following , curtious of https://managewp.com/clean-link-injections-hacked-websites however this only looked for cetrain Div Tags. I needed something to remove Hyperlinks containing the above keywords. I modified the code to the below and placed into the functions.php file and ran with preview on then off and went through the keyword list. Cleared about 1000 links!!
//Enter keyword below to check for in hyperlinks ( the whole link )
$spamkeyword = "spamkeyword";
// By default only preview infected posts. Change to 0 to clean posts
$preview_only = 1;
// This is the pattern to search and replace with blank
$pattern = '%<a href=[\"\'][^"]*?'.$spamkeyword.'.*?[\"\']>.*?</a>%';
// This is the query to find suspicious posts using fast SQL query
$query="SELECT ID, post_content from $wpdb->posts where post_content LIKE '%$spamkeyword%'";
global $wpdb;
$num_cleaned = 0;
$posts = $wpdb->get_results($query);
echo "Suspicious: ".count($posts)." ";
if ($preview_only)
echo "Post IDs: ";
// go through all suspicious posts
foreach ($posts as $post)
//echo $post->post_content;
{
if (!$preview_only)
{
// try the pattern
$new_content=preg_replace($pattern, '', $post->post_content);
// update the cleaned content
if ($new_content!=$post->post_content) {
$wpdb->update(
$wpdb->posts,
array(
'post_content' => $new_content
),
array( 'ID' => $post->ID ));
$num_cleaned++;
}
}
else echo $post->ID." ";
//UnComment Below to See Results of Preview before comitting
//echo preg_replace($pattern, '', $post->post_content);
}
if (!$preview_only)
echo "Cleaned: $num_cleaned";
Upon searching for help with this , I did have to smile at the irony of the Regex Help Website being hacked in the same fashion , although obviously all clear now!