Forum Replies Created

Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter danimal423

    (@danimal423)

    I found quite a few php files that had been added to the directory that did not belong there. They all had similar “fishy” code. I’m assuming these were the hacker’s “backdoors”. I can’t tell for sure if I have found all malicious code, but for now I’ll mark this as resolved.

    Thread Starter danimal423

    (@danimal423)

    My apologies. Just trying to include as much information as possible to get this resolved.

    Spam code can be found here: http://pastebin.com/BL79Ce5Y

    Thread Starter danimal423

    (@danimal423)

    Now onto trying to find and remove the backdoor codes…

    I’ve identified a few files that look fishy, but I am not an experienced developer. Files that have the fishy code include:
    wp-admin/includes/class-wp-media.php
    wp-content/plugins/akismet/api.php
    wp-admin/js/utils.js
    wp-content/plugins/jetpack/api/php

    These files were not updated when WP was updated, do not include any comments that I usually see in standard WP files and well, some of the variables say “door”.

    Sample code (sorry in advance if not appropriate to post):

    [Code moderated. Please do not post hack code blocks in the forums. Please use the pastebin]

    Thread Starter danimal423

    (@danimal423)

    esmi,
    Thank you so much for these resources. The “How to find a backdoor” article is a great help.

    JarretC,
    Thank you so much for this specific example of what the malicious code might look like and where it could be found. I found something very similar in my functions.php file. Once removed, the spam content disappeared.

    I’m having the same issue! Is there a plan for this to be fixed / updated? If so, any general timeline we can look forward to? I would hate to have to switch to a different theme.
