Daniel Cid
Forum Replies Created
-
If you deleted the plugin, the problem would not be it.
Did you do any other change lately on the site?
thanks,
Yep, that’s how it is configured to do by default. You can change the “email to” under settings as well.
thanks!
Hey guys, it should be all fixed.
The cert expired last night, but we fixed it this morning. I apologize for the trouble.
thanks!
Hey guys, it should be all fixed.
The cert expired last night, but we fixed it this morning. I apologize for the trouble.
thanks!
Forum: Plugins
In reply to: sucuri hacks wp-config to remove "edit" from adminThat’s a feature we have under our hardening. If you look in the plugin again, you will see we have an option called Plugin and Theme Editor Hardening:
“
Plugin & Theme editor
Occasionally you may wish to disable the plugin or theme editor to prevent overzealous users from being able to edit sensitive files and potentially crash the site. Disabling these also provides an additional layer of security if a hacker gains access to a well-privileged user account.”It is optional and you have to click there in order to disable it. The same page has the option to revert the changes.
thanks,
Forum: Plugins
In reply to: [FancyBox for WordPress] Possible malwareOh, that’s not us. Just someone trying to copy (or look like) us 🙂
Our blog post is here:
http://blog.sucuri.net/2015/02/zero-day-in-the-fancybox-for-wordpress-plugin.html
thanks!
Forum: Plugins
In reply to: [FancyBox for WordPress] Possible malware@gennady thanks for your help.
We can confirm it is a vulnerability (0-day) in the plugin. We actually have the malware (exploit) payloads being used to compromise sites.
We will post more details in a bit.
Forum: Plugins
In reply to: [FancyBox for WordPress] Possible malwareHey guys,
Anyone affected would be willing to share logs? If you can email them to labs@sucuri.net, we are trying to get a better picture of what is happening.
thanks,
Forum: Fixing WordPress
In reply to: soaksoak.ru MalwareYou have to update revslider and clean the admin user list from the database to prevent reinfections.
We shared more details here:
http://blog.sucuri.net/2014/12/soaksoak-malware-compromises-100000-wordpress-websites.html
Forum: Fixing WordPress
In reply to: All my sites (6) hacked@chadlamson: You sure? Check if you do not have other sites in the same account with it.
All sites we analyzed so far had revslider.
thanks,
Forum: Hacks
In reply to: Code inserted into php files, was I hacked?@bcworkz: We explain here how our free sitecheck works:
http://blog.sucuri.net/2012/10/ask-sucuri-how-does-sitecheck-work.html
The free sitecheck will not pick up all types of injections, specially backdoors and phishing. For a full audit, we have our paid server-side scanner that has a more comprehensive approach (a lot harder to bypass).
@csinia: This type of code is very common lately and I think related to:
But since that’s an old post, the payload may have changed.
Can you try again? We just pushed 1.6.8 (sorry for all the updateS).
jsimone: If you have known infections inside your site, it may cause issues with our plugin (or any other you have).
That’s always the issue with security plugins. If your site is hacked and compromised already, the plugin may not work as it should (some times you even lose access to wp-admin).
On these cases, I would recommend scanning your site remotely: http://sitecheck.sucuri.net
Please upgrade to the latest version (1.6.4 or up) that fixes it.
Sorry for the trouble.
thanks,
We have fixed it and the new version should work properly now (1.6.4 or up).