Daniel Cid
Forum Replies Created
-
And check the latest version 🙂 It has some good new features.
thanks,
The first part about the language should be fixed now.
The admin user issue we are looking at it as well.
thanks!
Very good point. We will add it in there.
thanks,
Our hardening is done via multiple .htaccess files and disabling PHP execution on some folders. Unless you are talking about our CloudProxy WAF, which is then done by modifying your DNS to pass through us before reaching your site:
thanks,
Good feedback! We will take a look at it.
thanks,
There is no drawbacks at all. It is just a remote scanner (using our sitecheck API) that should not cause any issues.
thanks,
It looks like your 404 handler got modified to load those spammy pages.
It is probably on your .htaccess file or on your 404.php inside your theme. If you do a search for “curl” or file_get_contents you will likely find the culprit.
Sitecheck finds the spam seo injected and provide more details:
http://sitecheck.sucuri.net/results/seniorsfirst.org
thanks,
It is not related to jetpack, but the bad guys are injecting their malware on any plugin they find enabled on your site.
And many sites are being compromised with it:
http://labs.sucuri.net/?note=2013-07-14
So you probably have some other “way in” that they are using, unrelated to jetpack.
thanks,
Forum: Fixing WordPress
In reply to: Undesired Redirect when using Hand-Held DevicesYep, I see the malware in there… Our engine detects it as:
*Known javascript malware. Details: http://sucuri.net/malware/malware-entry-mwjs69693
<script>var _0xe1e8=[..It is conditional and only respond to certain user agents (iphone, ipad, etc).
If anyone is curious, it redirects to: httpx://[ redacted, why post that here? ] w/?type=js&seref=undefined
thanks,
Hey,
Can you try the latest version (1.1.4)? I forgot to commit that PHP file for the 1.1.3 version, sorry 🙁
thanks,
Forum: Fixing WordPress
In reply to: My blog is hacked and with malware!Also, note that this type of malware is related to stolen FTP passwords. We are seeing it on many sites and it comes through desktop viruses that steal passwords…
We did a blog post explaining about it a while ago:
http://blog.sucuri.net/2010/06/web-site-security-it-starts-with-your-desktop.html*The malware infection is different, but the method is the same.
thanks,
Forum: Fixing WordPress
In reply to: Malware on site … but where is the script!!!!Hey,
I did a quick scan of your site and it is indeed compromised:
http://sitecheck.sucuri.net/scanner/?scan=http://nyacwomenslax.com/
Simple steps you can take:
-Remove your .htaccess and all plugins/themes you have (hopefully you have a clean backup of your theme).
-Login to wp-admin and force an update on WordPress. Reinstall the plugins you need and your theme. It will overwrite most of the bad stuff. Re-generate your .htaccess.
-Change all your passwords.Now, it won’t guarantee that you don’t have backdoors hidden in there, but it is a good start and will probably remove most of the bad stuff…
thanks,
Forum: Fixing WordPress
In reply to: Getting hackedMake sure your own desktop is clean as well (lots of sites get hacked through stolen credentials via desktop virus).
A good text about it:
http://blog.sucuri.net/2010/11/yet-another-wordpress-security-post-part-one.html
thanks,
Forum: Hacks
In reply to: warning:file-get-contents () failed to open streamWe posted an article about this type of malware:
thanks,
Forum: Fixing WordPress
In reply to: malware installed/HackerIt seems your .htaccess got compromised to redirect some pages to these russian domains. Very similar to this case:
http://blog.sucuri.net/2011/08/wordpress-sites-with-htaccess-hacked.html
You can also try a quick (free) scan here to see if it finds anything: http://sitecheck.sucuri.net
thanks,