[resolved] Hackers + Page not loading properly (7 posts)

  1. Sara
    Posted 4 years ago #


    I'm new to this, but I'm trying as hard as I can to catch up. At least I'm used to computers...but still the "html world" is quite new to me.

    It seems like the blog have been visited by some hackers.
    I've tried to remove some plugins related to the problem. (A link checker plugin for example.)

    Now I'd like tips to understand what else I can do to:
    - solve the loading problem
    - avoid hackers in the future
    - remove malicious code

    I've installed Exploit scanner.
    I'm also thinking of installing vlogger (I think it's called something like that)

    According to Exploit scanner:
    Used by malicious scripts to decode previously obscured data/programs $decoded_sig = base64_decode($signature);

    Used by malicious scripts to decode previously obscured data/programs 'oauth_token' => base64_decode( $oauth['params']['oauth_token'] ),

    Used by malicious scripts to decode previously obscured data/programs 'oauth_token_secret' => base64_decode( $oauth['params']['oauth_token_secret'] )

    And then there are some comments like this (regarding the smallbiz theme, which I'm not using):
    Often used to execute malicious code tempobj=ie4? eval("document.all."+nextcanvas) : document.getEleme

    Google Chrome audit says:
    Optimize the order of styles and scripts
    Remove unused CSS rules (3946)

    Google Chrome Console says:
    Unsafe JavaScript attempt to access frame with URL http://www.XY*.com/ from frame with URL https://plusone.google.com/_/+1/fastbutton?url=http%3A%2F%2Fwww.XX.com%2F2012%2F01%2F30%2Fcreative-inspiration%2F&size=small&count=true&annotation=&hl=en-US&jsh=m%3B%2F_%2Fapps-static%2F_%2Fjs%2Fwidget%2F__features__%2Frt%3Dj%2Fver%3DoQdKS5lMfnY.it.%2Fsv%3D1%2Fam%3D!3VpfoDzrkXqI3ONhuw%2Fd%3D1%2F#id=I1_1328231995498&parent=http%3A%2F%2Fwww.XY*.com&rpctoken=420106453&_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart. Domains, protocols and ports must match.
    (similar message 7 times)

    Unable to post message to http://www.stumbleupon.com.

    (Where http://www.XY*.com = is my site, twice above)

    What do YOU need to help me better???
    I really need some guidance!


  2. MickeyRoush
    Posted 4 years ago #

    You should clean up the infection before trying to optimize it.

    Check your site(s) here:
    1. http://sitecheck.sucuri.net/scanner/
    2. http://www.unmaskparasites.com/
    3. http://www.virustotal.com/
    4. http://www.phishtank.com/
    5. Google Safe Browsing (to access a site's google info, add their domain to the end of this):

    Backup everything and put that backup somewhere safe.This is in case you have problems later on. Even though you could be backing up infected files, it is more important to have a backup up of your work, for if you make a mistake cleaning your site, you will still have the backup(s).
    1. http://codex.wordpress.org/WordPress_Backups
    2. http://codex.wordpress.org/Backing_Up_Your_Database
    3. http://codex.wordpress.org/Restoring_Your_Database_From_Backup

    Then read these:
    1. http://codex.wordpress.org/FAQ_My_site_was_hacked
    2. http://wordpress.org/support/topic/268083#post-1065779
    3. http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    4. http://ottopress.com/2009/hacked-wordpress-backdoors/

    Once your site is clean, then read this:

    Once you've cleaned up your site and hardened it, post another separate thread on obtaining help on optimization.

  3. Sara
    Posted 4 years ago #

    Hi again! THANKS A LOT FOR ALL THE HELP (so far). I'm so happy, seems like I've been lucky. No malicious code found. Tried it all. Therefore, now to the second problem...optimization.
    I guess I have a lot to do! Any feedback is greatly appreciated.

  4. Sara
    Posted 4 years ago #

    Hi again! I found another post telling me about some optimization suggestions.
    Therefore so far I've:
    - installed a optimization plugin
    - deactivated all plugins
    - activated one plugin at a time, checking the loading for each activation. This way I found 2 plugins that didn't work properly.

    If there is something else you suggest me to do, let me know!
    (I would really like to get those 2 plugins to work...)
    Thanks again.

  5. MickeyRoush
    Posted 4 years ago #

    Which plugins are causing you issues, and which plugins are you using to optimize your site?

    Also are you using Firebug to help isolate what may be causing you issues?

  6. Sara
    Posted 4 years ago #

    Hi again!
    The anti virus plugin that I've installed (and is up and running): Exploit scanner
    Should I install vlogger (I think it's called like that) as well?
    2 plugins with problem to load: nrelate Flyout 0.50.5 and Share rail 1.0
    Yesterday I deactivated share rail, and contacted nrelate to focus on solving that problem. When it's fixed, I'll contact Kerry James regaring Share rail.
    Optimization plugin (installed and up and running): TentBlogger 2.2
    Now I'll install Firebug. Didn't know about that one ;) Thanks!
    Is there something else I can do, please let me know.

  7. MickeyRoush
    Posted 4 years ago #

    Firebug is an Add-on for Firefox. Almost all developers use it in one way or another.

    I'm not familiar with your two plugins that you're having issues with. You're definitely going to have to consult those authors.

    You should also read here:

Topic Closed

This topic has been closed to new replies.

About this Topic