Title: empowersource's Replies | WordPress.org

---

# empowersource

  [  ](https://wordpress.org/support/users/empowersource/)

 *   [Profile](https://wordpress.org/support/users/empowersource/)
 *   [Topics Started](https://wordpress.org/support/users/empowersource/topics/)
 *   [Replies Created](https://wordpress.org/support/users/empowersource/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/empowersource/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/empowersource/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/empowersource/engagements/)
 *   [Favorites](https://wordpress.org/support/users/empowersource/favorites/)

 Search replies:

## Forum Replies Created

Viewing 12 replies - 1 through 12 (of 12 total)

 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Site hacked despite Wordfence](https://wordpress.org/support/topic/site-hacked-despite-wordfence/)
 *  [empowersource](https://wordpress.org/support/users/empowersource/)
 * (@empowersource)
 * [7 years, 5 months ago](https://wordpress.org/support/topic/site-hacked-despite-wordfence/page/3/#post-10977605)
 * [@vmiki96](https://wordpress.org/support/users/vmiki96/) That’s odd. sucuri says
   that the site is clean ([https://sitecheck.sucuri.net/results/https/puremana.hu](https://sitecheck.sucuri.net/results/https/puremana.hu))
   and I can’t find the script anywhere either. Maybe if you could be a little more
   specific about where, when and what exactly happens on your page that makes you
   think that it is still infected?
    [@andreipol](https://wordpress.org/support/users/andreipol/)
   Strange enough, though sucuri says that your site is still infected, I can’t 
   identify the script in your source code. Maybe use the script on your site as
   identified from sucuri (<script type=’text/javascript’ src=’[http://blueeyeswebsite.com/ad.js?ldp111&#](http://blueeyeswebsite.com/ad.js?ldp111&#))
   and run it with my command from before and see what happens? Please make a backup
   before, because according to sucuri, the script might have mingled with some 
   internal scripts from your site and clearing out the former might render the 
   latter disfunctional.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Site hacked despite Wordfence](https://wordpress.org/support/topic/site-hacked-despite-wordfence/)
 *  [empowersource](https://wordpress.org/support/users/empowersource/)
 * (@empowersource)
 * [7 years, 5 months ago](https://wordpress.org/support/topic/site-hacked-despite-wordfence/page/3/#post-10972311)
 * @steveb36 Let us know their reply. Others might have the same issue with their
   provider.
    [@vmiki96](https://wordpress.org/support/users/vmiki96/) The code 
   seems to be clear. Have you had any unwanted forwarding or other problems connected
   to the issue since the reconstruction of the database? [@levelocipediste](https://wordpress.org/support/users/levelocipediste/)
   Glad to hear it! [@deardevils](https://wordpress.org/support/users/deardevils/)
   I cleared the database with the aforementioned command, updated all the plugins
   and changed the on-site passwords (I also did not save the passwords in my browser
   this time and updated the Antivirus software on my computers). The script did
   not reappear after that.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Site hacked despite Wordfence](https://wordpress.org/support/topic/site-hacked-despite-wordfence/)
 *  [empowersource](https://wordpress.org/support/users/empowersource/)
 * (@empowersource)
 * [7 years, 5 months ago](https://wordpress.org/support/topic/site-hacked-despite-wordfence/page/2/#post-10967552)
 * [@cva183](https://wordpress.org/support/users/cva183/) Hi there. Do you get an
   error message when you use the script? It could have to do with the quotation
   marks. As described in my answer to [@saitou-sei](https://wordpress.org/support/users/saitou-sei/),
   you should fill in the original script from your site instead.
 * I’m pretty much a noob myself, but as I understand it, information_schema is 
   read only. The UPDATE command that I used should clean every part of the database
   that needs to be cleaned.
    -  This reply was modified 7 years, 5 months ago by [empowersource](https://wordpress.org/support/users/empowersource/).
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Site hacked despite Wordfence](https://wordpress.org/support/topic/site-hacked-despite-wordfence/)
 *  [empowersource](https://wordpress.org/support/users/empowersource/)
 * (@empowersource)
 * [7 years, 5 months ago](https://wordpress.org/support/topic/site-hacked-despite-wordfence/page/2/#post-10967513)
 * [@levelocipediste](https://wordpress.org/support/users/levelocipediste/) If you
   can access your database via phpMyAdmin, maybe my script from the first page 
   of this thread might help.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Site hacked despite Wordfence](https://wordpress.org/support/topic/site-hacked-despite-wordfence/)
 *  [empowersource](https://wordpress.org/support/users/empowersource/)
 * (@empowersource)
 * [7 years, 5 months ago](https://wordpress.org/support/topic/site-hacked-despite-wordfence/page/2/#post-10967502)
 * [@steveb366](https://wordpress.org/support/users/steveb366/) I doubt that a host
   would deliberately let their hosted sites get infected. Greed is a great motivator
   though, so there is no quarantee. However, threatening to remove your sites if
   you don’t upgrade your package is unacceptable. This infection does not compromise
   their server security and even if it did, it would be their own fault. You have
   used your account in a manner that they allowed in the first place and if this
   leads to an infection, then it is in their responsibility not to let it spread.
   Furthermore, a site forwarding script is no serious security risk for anyone.
   
   I would therefore recommend to switch hosting services asap.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Site hacked despite Wordfence](https://wordpress.org/support/topic/site-hacked-despite-wordfence/)
 *  [empowersource](https://wordpress.org/support/users/empowersource/)
 * (@empowersource)
 * [7 years, 5 months ago](https://wordpress.org/support/topic/site-hacked-despite-wordfence/page/2/#post-10967470)
 * [@saitou-sei](https://wordpress.org/support/users/saitou-sei/) This should work
   for you. I guess, you copied the line right out of my post? Unfortunatelly, the
   forum must have messed up the quotation marks. Just use the command from my post
   and fill in the proper script from your own page. That should to the trick.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Site hacked despite Wordfence](https://wordpress.org/support/topic/site-hacked-despite-wordfence/)
 *  [empowersource](https://wordpress.org/support/users/empowersource/)
 * (@empowersource)
 * [7 years, 5 months ago](https://wordpress.org/support/topic/site-hacked-despite-wordfence/page/2/#post-10967433)
 * [@vmiki96](https://wordpress.org/support/users/vmiki96/) Did you mess with your
   database? It seems to be gone completely so there’s nothing to check. Maybe load
   a backup and feel free to ask again once the website is up again.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Site hacked despite Wordfence](https://wordpress.org/support/topic/site-hacked-despite-wordfence/)
 *  [empowersource](https://wordpress.org/support/users/empowersource/)
 * (@empowersource)
 * [7 years, 5 months ago](https://wordpress.org/support/topic/site-hacked-despite-wordfence/page/2/#post-10951881)
 * [@saitou-sei](https://wordpress.org/support/users/saitou-sei/): the command will
   only work if the bad script is exactly the same. Can you post the URL, so I can
   check for the actual script on your page?
    -  This reply was modified 7 years, 5 months ago by [empowersource](https://wordpress.org/support/users/empowersource/).
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Site hacked despite Wordfence](https://wordpress.org/support/topic/site-hacked-despite-wordfence/)
 *  [empowersource](https://wordpress.org/support/users/empowersource/)
 * (@empowersource)
 * [7 years, 5 months ago](https://wordpress.org/support/topic/site-hacked-despite-wordfence/#post-10944614)
 * Hello everyone,
 * we’ve been hacked as well on both our websites. I couldn’t say which plugin was
   responsible but we didn’t update some of the plugins as regularly as we probably
   should have, so it could have been any of those. Our research suggests that this
   is a larger attack wave with numerous websites worldwide infected.
 * We have for now updated all plugins and strengthend our site- and network-security
   and removed the script from our databases with this SQL command in phpMyAdmin:
 * UPDATE wp_posts SET post_content = REPLACE ( post_content, “<script src=’[https://forwardmytraffic.com/ad.js?port=5&#8242](https://forwardmytraffic.com/ad.js?port=5&#8242);
   type=’text/javascript’></script><script src=’[https://blueeyeswebsite.com/ad.js&#8217](https://blueeyeswebsite.com/ad.js&#8217);
   type=’text/javascript’></script>”, “” );
 * It seems to do the trick for now. I will update you if the script should find
   it’s way back into our database.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Livemesh SiteOrigin Widgets] Livemesh Stats Bars do not work](https://wordpress.org/support/topic/livemesh-stats-bars-do-not-work/)
 *  Thread Starter [empowersource](https://wordpress.org/support/users/empowersource/)
 * (@empowersource)
 * [7 years, 9 months ago](https://wordpress.org/support/topic/livemesh-stats-bars-do-not-work/#post-10540256)
 * It worked! You are the greatest!! Thanks a lot, I will definetly recommend your
   fantastic bundle!! Cheers
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Livemesh SiteOrigin Widgets] Livemesh Stats Bars do not work](https://wordpress.org/support/topic/livemesh-stats-bars-do-not-work/)
 *  Thread Starter [empowersource](https://wordpress.org/support/users/empowersource/)
 * (@empowersource)
 * [7 years, 9 months ago](https://wordpress.org/support/topic/livemesh-stats-bars-do-not-work/#post-10508159)
 * thanks a lot for fixing this!
    Seemingly there was no update available as of 
   yet? How long do you estimate for the update to be published?
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Livemesh SiteOrigin Widgets] Livemesh Stats Bars do not work](https://wordpress.org/support/topic/livemesh-stats-bars-do-not-work/)
 *  Thread Starter [empowersource](https://wordpress.org/support/users/empowersource/)
 * (@empowersource)
 * [7 years, 10 months ago](https://wordpress.org/support/topic/livemesh-stats-bars-do-not-work/#post-10477733)
 * Hi Livemesh Team,
 * thank you for your incredibly quick reply!
 * Unfortunatelly all former versions lower than 1.7.4 (I used the “WP Rollback”
   plugin for testing) now only seem to produce a white overlay that covers the 
   whole page completely in desktop view and almost completely in mobile view… ;(
 * Screenshot here: [https://machdeinenstrom.de/wp-content/uploads/2018/07/Screenshot_livemesh.jpeg](https://machdeinenstrom.de/wp-content/uploads/2018/07/Screenshot_livemesh.jpeg)
 * Could your give me an alternative as to how to restore my stats bars?
 * Thank you for your patience!

Viewing 12 replies - 1 through 12 (of 12 total)