Blog Sections Open
Investigating Hidden Casino Spam Pages on an Evolution CMS Site
A security troubleshooting note for hacked sites that suddenly generate thousands of unwanted spam pages that do not appear in the manager or obvious file locations.
One of the more alarming maintenance patterns in older CMS projects is a classic compromise: the site gets banned because thousands of casino spam pages appear under a hidden route, yet the documents are not visible in the manager, the obvious files look clean, and the database does not immediately reveal the source.
That combination is a strong sign that the attack is not just about visible content insertion. It may involve a hidden script, an injected include, a generated route layer, or code that only reveals itself under certain requests.
Why this kind of incident is dangerous
- The spam pages may be generated dynamically, not stored as normal resources.
- Search-engine penalties can arrive before the intrusion is fully understood.
- A surface-level file check may miss the real loader or backdoor.
What to do first
- Confirm whether the spam URLs map to real resources or generated output.
- Inspect rewrite rules, bootstrap files, and recently modified PHP files.
- Check for hidden includes, obfuscated code, or conditional loaders.
- Rotate credentials and plan a proper cleanup rather than deleting a few visible files.
This case still matters because it teaches the right mindset: if thousands of spam pages exist but cannot be found in the normal editorial surfaces, treat the site as compromised code, not as a content problem.
Fixing HTTPS Redirects and Mixed Content on Masterhost
A deployment troubleshooting note for Evolution CMS sites that redirect to HTTPS but still load some manager or frontend assets over HTTP, causing mixed-content errors.
Using Git in an Evolution CMS Workflow
A simple console-first workflow for creating and linking Evolution CMS elements from files so Git becomes part of day-to-day development.