perezbox
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: Fake App Attack HelpGotcha.. You can also try using something like this: http://www.botsvsbrowsers.com/SimulateUserAgent.asp
You’re using very limited agents, there are hundreds, if not thousands. But at this point, its probably best to wait and see what they say instead of pulling your hair out. You could literally spent all day testing agents..lol.. trust me..lol
Hopefully its a false positive.. fingers crossed. Let us know though or I’ll start losing sleep..:) j/k
Forum: Fixing WordPress
In reply to: Malware pop-up@jan dembowski.. sniff sniff I understand.. I’m just going down the list on this and hacked.. whatever is next I hit.. do the same thing on badwarebusters and other CMS forusm.. i focus specifically on malware issues..:(.. but I’ll look at those too..
I yield, I yield… “Game of Thrones”.. He he
Forum: Fixing WordPress
In reply to: Malware pop-up@jan dembowski I see your point though. This is an old thread, I wasn’t paying much mind to the date and time just trying to resolve issues. I might be too tightly coupled with a normal ticket system where the objective is to resolve and close.
I’ll stop..:(
Back to the underworld I go
Forum: Fixing WordPress
In reply to: Malware pop-up@jan dembowski only reason I am doing that is because they are sitting there and I’m not sure if its resolved. I see there is a resolved / close ticket option, may be a good idea to use it after a period of time.
While I understand your point, sometimes simply asking if the issues still exists will help move the discussion on, don’t you think? Or is the plan to leave these tickets open indefinitely? You can see how it has helped in some of the other discussions.
Case in point, this ticket, where exactly did we leave @amyestes? I’m confused.
🙂
Forum: Fixing WordPress
In reply to: Malware pop-up@amyestes are you still having an issue with this?
Forum: Fixing WordPress
In reply to: Fake App Attack Help@nehemoth I think what we’re saying is to proceed with submitting it to Norton to see what they say. It could be a false positive, unsure right now. If you submit you’ll know for sure if they are flagging something current, or if its a cache issue.
I would also trying leveraging a number of other user agents to see if you can’t replicate the issue on the client side. If its a drive by download then its likely also conditional. Meaning only specific conditions render the issue (i.e., Windows Box, XP OS, IE 7, etc..).
Make sense?
Forum: Fixing WordPress
In reply to: Security warning malware@berrieg did that clear it for you?
Forum: Fixing WordPress
In reply to: My sites got hacked@joacim are you using any kind of auditing that would allow you to see the activity on your instance? Anything that tracks IPs and or checks for integrity? Also, what have you done to harden your environment?
Forum: Fixing WordPress
In reply to: Security warning malwareSa-weet..
Forum: Fixing WordPress
In reply to: Fixed Hacked WP site – Links still redirecting – PLZ HELP!@shotbyadam outstanding! Good call.
Thanks
Forum: Fixing WordPress
In reply to: Security warning malware@berrieg if you have moderation enabled you should be able to force it for an approval before it links back. That way you can capture it as SPAM before it posts. I’m trying to think if Akismet will handle SPAM trackbacks or not, can’t remember. You might also want to use some kind of a application firewall.
Forum: Fixing WordPress
In reply to: My sites got hacked@joacim Did you get this figured out or are you still struggling?
Sounds like a vulnerability was found and once in it just replicated itself. Changing the passwords are good, but you’re going to want to find the backdoor that is letting theme in to ensure it doesn’t happen again.
Forum: Fixing WordPress
In reply to: Fixed Hacked WP site – Links still redirecting – PLZ HELP!You still having issues here bud?
Forum: Fixing WordPress
In reply to: Fake App Attack Help@adpawel, I’m confused.
Are you saying that Norton is using the Google blacklisting API? Or are you pointing him to the instructions to submit for a review? Although I think they do use the Google blacklisting engine also.
I think its the latter, right? or maybe both.
@nehemoth have you submitted to Norton for a review just to confirm it is in fact still infected according to their engine?
I ask all this because you’re still showing infected on Norton: http://safeweb.norton.com/report/show?url=nehemoth.com and that’ll show up for anyone running Norton. So if it is clear, per @adpawl then you’re going to want to resubmit for evaluation to clear that warning.
Wow, didn’t mean to complicate that..lol
Forum: Fixing WordPress
In reply to: Security warning malwareThat’s great news!
There are a number of things you can do to harden, some include changing your passwords, but be sure to also protect yourself from external and internal attacks. Clean out your serer of junk and it might be a good time to go through and check all your users, forcing a password reset.
Last thing you want is a reinfection. There are also a number of things you can do with .htaccess to better protect yourself.
Best of luck.