Chamunks
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: After removing malware, clicks to “somesite.com/[string]”So I just spent ages combatting a fresh infection of some kind and it seems like I’ve been plucking away at this thing weeding out crap everywhere its like the second one of these things get pwned it just keeps getting worse some jackass decided it would be smart to turn off updates and not tell anyone. I would suggest check your .htacess file it may have a redirect in there that only happens when you’re referred by known referring agents like google or bing. I think the idea is this evades detection by not replacing the contents if you go in direct via your normal domain.
Also it only required the authy token for hitting the dashboard but posting I didnt need it. On further inspection.
Disclaimer I’m so not a coder I have no idea where I should be installing this code 🙁 there were some guys in a campfire chatroom talking to me about this earlier today I’d just like to verify you also use Campfire.
My one suggestion would be enable users that cannot be logged into by certain means or whitelisting only logging in via certain means.