peter_sucuri
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: Taxonomy hacked?That “tid” is just variable name the malware is using for the GET requests. Please follow the steps esmi mentioned and if you’ll have still problems, just let us know 🙂
Forum: Fixing WordPress
In reply to: WordPress Hacked, residule malicious code?Hmm, injection of such short link prior to the rest of the legitimate site code could be also server-level infection. In such case, the cooperation with your hosting provider will be necessary. If you’re still having the problem please let us know here and let us know what steps did you already followed.
Forum: Fixing WordPress
In reply to: Hacked WordPress sites – code in header.phpHi svetto,
I’d love to help and let you know what exactly the code did, but I’d need it shared here via pastebin here. If you still need it, just share the code..
Hi Mikoz_01,
yes, the reason might be that you was previously infected and thus the attackers has your site “listed”. What I can recommend is checking your logs whether any other files are accessed from outside (might be some leftovers of the infection) and if these are still active and “answering” the attackers, they might to see this as a “green light” for trying to hack your site over and over. Right now, I didn’t notice anything suspicious on your site and even our SiteCheck returns your site as clean. Maybe you could be interested in applying another security level – Web Application Firewall. You can read more about our WAF here: http://cloudproxy.sucuri.net/features but there are surely also other products – it’s just up to your decision.
Forum: Fixing WordPress
In reply to: wp-includes/Text/Diff/.log files with misleading namesHi Oipjuss,
you can start e.g. here: http://sitecheck.sucuri.net/
And yes, having such folder and files inside of that particular folder is really suspicious. My guess is some kind of spam infection but without more details, I’m unfortunately not able to say more.
You can also check this link where you can get more useful information:
http://codex.wordpress.org/FAQ_My_site_was_hacked
If none of these helps, just try to give us more detailed description, e.g. what’s your site address, are there any other problems or suspicious behavior on your site? What WP version do you use? Etc.. Generally, the more details you provide, the better the community will be able to help.
Forum: Fixing WordPress
In reply to: Fake links that redirecting to a malware siteHi there,
I assume, that your site is http://www.nicholsenvironmental.com/ – am I right? Could you be a bit more specific and describe when exactly does this redirect happen? Simply, giving us the bit more pieces of the whole infection image would be great!
Thanks!