harlock33
Forum Replies Created
-
Forum: Themes and Templates
In reply to: [onetone] to recover theme options after hacker attackIn my case, the attack also infected the database (fortunately I had a backup of). With the Onetone theme I was not able to recover the customization even restoring the backup of files and databases. I had to redo all the customization: it seems that this problem does not depend on the virus.
I’ve now been able to repair the weaknesses used by the hacker (I haven’t had any problems since 2 weeks ago). If it helps anyone, here’s what I did:
– I closed user registrations on the website
– I removed the write permissions to the important files (I set the permissions to 444 for the htaccess and wp-config.php files set to 444)
– I installed Wordfende and Cerber plugins both in free version (through Cerber in particular I was able to monitor the hacker who day by day searched the vulnerable points of my cms)
– I changed the login page address with the WPS Hide Login plugin
– I added (copy and paste code) 6G firewall in htaccess in the website root
– I disabled the native WP search by inserting a special function in the file function.php of the theme
– I disabled xmlrpc.php with the Disable XML-RPC plugin
– I disabled REST API (needed especially for WP versions 4.7 and 4.7.1) with the Disable REST API pluginFor all these measures you will find sufficient instructions on the net. But if you need any more information, my modest experience is at your disposal.
- This reply was modified 5 years, 11 months ago by harlock33.
Forum: Themes and Templates
In reply to: [onetone] to recover theme options after hacker attackSmall update: I installed new version of wordpress and new version of the theme on new database. The problems in order to import the theme settings persist. They seem to be independent of the hacker attack. This is a problem that this theme has always had, judging by the messages on the manufacturer’s forum https://mageewp.com/forums …which is currently NOT reachable!
It would be a great help if anyone who has had problems with importing a theme’s options could suggest some solutions.
Thanks
Forum: Themes and Templates
In reply to: [onetone] to recover theme options after hacker attackLooks like that the hacker manipulated the options manager: https://vuldb.com/?id.152745
However, I wonder why once the files and the database are replaced with backup copies it is not possible to reload the options correctly… any attack must insist on one of these two components.
Does anyone have any ideas?
ThankyouForum: Themes and Templates
In reply to: [onetone] to recover theme options after hacker attackI want to clarify: I can access appearance / custom menu item. However, I can’t find any way to reload my settings.
Forum: Themes and Templates
In reply to: [onetone] to recover theme options after hacker attackIn addition to the information given, one clue is that OneTone Companion plugin does not load any templates now
Forum: Themes and Templates
In reply to: [onetone] to recover theme options after hacker attackApparently the hacker needed to create new users in order to inject the bad code. Luckily on this website I don’t need to have new users, so from general WP settings I ruled out the possibility of registration for anyone. Moreover the suspicious traffic is directed especially to wp-login.php: temporarily I renamed this file so that it has another address. Obviously for different infections the holes used can be different. However, I have installed Wordfence Security and WP Cerber Security plugins that have helped me to find infected files and to analyze the traffic.
I’m hoping somebody will help me get this theme going again…