Disqus clickjacks your referral links
Posted: Saturday, July 02, 2016 4:52:19 AM
So it turns out that the once wonderful Disqus commenting ssystem for your site or blog is clickjacking any referral links it finds on the page it's on.

Clickjacking means that when a visitor clciks on your precious referral link, in the background, Disqus redirects it through their shareasale link, which in turn substitutes their ref id for yours. They do it for all sorts of aff sites, not just Z.

So you've been warned. I've just taken it off the page I was using it on because I happened to notice the clickjacking taking place.

Here's a twitter discussion about it. Strong language warning:
https://twitter.com/sabiddle/status/466667519005032448
Posted: Saturday, July 02, 2016 5:06:03 AM
The company behind the legitimized clickjacking is VigLink:
https://en.wikipedia.org/wiki/VigLink
Posted: Saturday, July 02, 2016 5:06:51 AM
That tweet is from 2014. They said they fixed it too. Wonder if it is still that way.
Posted: Saturday, July 02, 2016 6:08:04 AM
Cheries_Art wrote:
That tweet is from 2014. They said they fixed it too. Wonder if it is still that way.

Yes, it is. I noticed it happening on one of my pages with a disqus widget. I thought I'd warn peeps.
Posted: Saturday, July 02, 2016 6:41:29 AM
There's a question (no answer from plugin author) on WP Support forum from 2 months ago: https://wordpress.org/support/topic/disqus-plugin-has-vulnerabilities.

I don't use Disqus anywhere, but it seems to me the way around it is to point links to your own site and then redirect from there to Zazzle. Have you tried that? A link shortener may also work?
Posted: Saturday, July 02, 2016 6:52:28 AM
roykronk wrote:
There's a question (no answer from plugin author) on WP Support forum from 2 months ago: https://wordpress.org/support/topic/disqus-plugin-has-vulnerabilities.

I don't use Disqus anywhere, but it seems to me the way around it is to point links to your own site and then redirect from there to Zazzle. Have you tried that? A link shortener may also work?

It was simple - I just stopped using Disqus on that page Smile
Posted: Friday, March 30, 2018 7:13:44 PM
About three weeks ago, my Chrome browser has been redirected to VigLink when I click on one of my Zazzle store links. Can somebody tell me how to make this stop? I've tried opting out on the VigLink website--that didn't work. I tried checking my installed programs and my Chrome extensions and couldn't find anything suspicious.

Haven't noticed any other problems with my computer, but the redirecting is really annoying and I worry that I might infect someone else with what ever is causing VigLink.
Posted: Saturday, March 31, 2018 3:59:07 AM
Have you tried deleting the link, then recreating it as a brand-new one? Maybe in that way, you can get rid of whatever is stuck to the original one.
Users browsing this topic
Guest


Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.
Print this topic
RSS Feed
Normal
Threaded