perezbox
Forum Replies Created
-
Forum: Plugins
In reply to: [Ghost] Export Throws a DOMDocument ErrorHey @javorszky
Ah, thanks for pointing me int he right direction.
I run very clean installs with very few dependencies configured, only apply them as I need them. The DOMDocument class seems to be XML, and I wasn’t running php-xml which included:
/usr/lib64/php/modules/dom.so
/usr/lib64/php/modules/wddx.so
/usr/lib64/php/modules/xmlreader.so
/usr/lib64/php/modules/xmlwriter.so
/usr/lib64/php/modules/xsl.soOnce installed, I restarted Apache and like magic, it worked.. By chance am I able to contribute this troubleshooting step to your documentation under troubleshooting WordPress exports? I imagine, and hope, I’m not going to be the only one that made this bone head move.. 🙂
Thanks again for the speedy response..
Tony
Tony
This entire case is very peculiar. I’m going to ask one of my developers to assist, but it won’t be until Monday.
That’s a very odd response from GoDaddy.
Great news, thanks and keep me posted please.
Ok, great I was worried it killed your site.
Is this a VPS by chance? That error is a server confit conflict, I’m wondering if you can do something like this
Oh I see, this is happening every time you click the post hack? And / or hardening?
I would probably stop removing a bunch stuff for now, it’ll make it difficult to trace your steps.
Can you paste the error logs please?
Ah
I think I know the issue.
Log into your FTP and remove the .htaccess we added to WP-content. I would rename it to be safe, and that will likely do the trick.
If that doesn’t do he trick, remove it from /uploads in WP-content.
I think it’s because of the Disale PHO execution feature.
Can you try that real quick?
Thanks
Yup, good catch we’ll have to get that looked at right away.
Very odd, can you get us the error logs for the server? At least your site?
Does it come back if you disable the plugin via FTP?
Thanks
Hi @leejosepho
Thank you so much for taking the time to share your thoughts on this matter. We’ll take it under advisement in future releases, at this time however it’ll stay in it’s current setup.
All the best,
Tony
Forum: Plugins
In reply to: [Mailchimp List Subscribe Form] Removing Affiliate LinkNow I just feel silly.. 🙂
Thanks guys. Cool plugin, bro.
Forum: Fixing WordPress
In reply to: Plugins have disapeared from wp-adminNot sure switching hosts addresses your problem.. but ok, sounds good. Best of luck.
Tony
This is known as a conditional payload, we actually just wrote a post about what that is on our blog:
http://blog.sucuri.net/2014/09/conditional-malicious-iframe-targeting-wordpress-web-sites.html
and explain it again in an older post here:
http://blog.sucuri.net/2012/06/understanding-conditional-malware-ip-centric-variation.html
Thanks
Forum: Everything else WordPress
In reply to: Odd links at footer of page.The guide above was written as a guide, but does not walk you through every scenario. I know this because I have written most of it.
That being said, Mac is right in that repairing the theme is likely not going to solve the issue.
That being said, if the issue is in your theme, you’re in luck. It’s a very lazy hack.
Often case, when it’s type of infection we don’t find much in the way of backdoors, but we do often see a common thread for the vector being via wp-admin.
So the good news there is by resetting all your passwords, restoring your theme, applying some form of better access controls, you will go a long way.
The other thing I’d look at is if you have the Theme Editor enabled in your Apperance menu. If you do, consider disabling it, as it’s often a very common method of injection when we find it in the theme files.
Hope this helps.
Tony