Are you on a godaddy hosting account?
Thread Starter
robimx
(@robimx)
sadly yes….
It’s back up and running after today’s “attack” on GoDaddy but this problem has arisen
They are not even close to 100% operational. They are more than likely the ones cause the banners popping up while they try to close this door that got opened. I have some .htaccess errors myself with other plug ins on a few sites that are not making sense. I would say wait a bit to deactivate it or reinstall just in case there is something left. But you can always deactivate all the other plug ins and see if that fixes the banners. I have had to turn off shopping carts due to false sales being generated.
Plugin Author
AITpro
(@aitpro)
Yep it is possible that this is a left over GoDaddy DNS issue, but what you need to check is your root .htaccess file at the time the problem occurs. If the .htaccess file is being modified by another plugin, etc. The next time the problem occurs use the BPS built-in .htaccess editor and copy the entire contents of the root .htaccess file into a NotePad text file. Then reactive BulletProof Mode for your Root folder and copy the entire contents of the root .htaccess file into another NotePad text file. Then put the 2 files side by side and compare them for any differences.
Thread Starter
robimx
(@robimx)
well this is defintely not right, this is the part of the root that keeps getting rewritten
right at the top before the Bulletproof code starts :S
[ Moderator note: hacked .htaccess file redacted, no need to give those spammers air time. ]
Plugin Author
AITpro
(@aitpro)
Yep your website has been hacked. Most likely since this keeps reoccuring then the hackers have uploaded a Shell hacking script to your website files. You will either need to restore your website from a good backup or you will need to backup all your files and WP Database and then reinstall everything clean and then import only your content back into your WP DB. ie Posts, Pages and Comments.
Thread Starter
robimx
(@robimx)
I have a plugin that emails me a backup .zip every day so I have plenty of those. I have never done a backup, how to do that?
I would also check to see if there is an extra .js file or text file sitting outside of the root folders aka admin, cont, includes. I have 3 sites I have to do the same thing to. Good luck to you robimx.
Plugin Author
AITpro
(@aitpro)
A nice simple backup plugin that will back up both your website files and your WordPress Database is BackWPup. Once you back everything up then nuke your site. Then change your web host password, FTP password (and SSH password if you have enabled SSH).
Then do a clean installation of WordPress and restore/import ONLY your database content tables shown below.
wp_comments
wp_links
wp_postmeta
wp_posts
wp_terms
wp_term_relationships
wp_term_taxonomy
wp_usermeta
wp_users
And finally you will need to upload your image files to /uploads, but you want to go through all them carefully to ensure there are not any hacker files in this folder.
NOTE: check the User accounts for your current site before nuking it and if you see an Administrator account that you do not recognize then delete it.