Title: webbadger's Replies | WordPress.org

---

# webbadger

  [  ](https://wordpress.org/support/users/webbadger/)

 *   [Profile](https://wordpress.org/support/users/webbadger/)
 *   [Topics Started](https://wordpress.org/support/users/webbadger/topics/)
 *   [Replies Created](https://wordpress.org/support/users/webbadger/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/webbadger/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/webbadger/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/webbadger/engagements/)
 *   [Favorites](https://wordpress.org/support/users/webbadger/favorites/)

 Search replies:

## Forum Replies Created

Viewing 15 replies - 1 through 15 (of 24 total)

1 [2](https://wordpress.org/support/users/webbadger/replies/page/2/?output_format=md)
[→](https://wordpress.org/support/users/webbadger/replies/page/2/?output_format=md)

 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Error404 after pressing publish](https://wordpress.org/support/topic/error404-after-pressing-publish/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 7 months ago](https://wordpress.org/support/topic/error404-after-pressing-publish/#post-4175288)
 * Tried that… thanks tho!
 * I have just installed a fresh install in another directory…
 * Still not working.. its gotta be the server set up!
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Error404 after pressing publish](https://wordpress.org/support/topic/error404-after-pressing-publish/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 7 months ago](https://wordpress.org/support/topic/error404-after-pressing-publish/#post-4175150)
 * Yes its on now but still now working. I have a feeling its a server issue. Just
   seen this, [http://wordpress.org/support/topic/moved-server-now-cant-install-or-update-plugins?replies=5](http://wordpress.org/support/topic/moved-server-now-cant-install-or-update-plugins?replies=5)
 * I have followed instructions, but no joy yet. I waiting for host to respond.
 * Thanks for reply
 *   Forum: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
   
   In reply to: [Server blocking IP's of my WordPress Sites](https://wordpress.org/support/topic/server-blocking-ips-of-my-wordpress-sites/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 9 months ago](https://wordpress.org/support/topic/server-blocking-ips-of-my-wordpress-sites/#post-3953805)
 * Thanks Esmi,
 * I have just recived this response from Storm Internet. They say it is a wordpress
   issue.
 * > mod_security is an integral part of server security.
   >  WP is a open source, 
   > third party and free application and as such preferred by lots of users. Basically
   > because of its flexibility, attractive themes, plugins, modules, it become 
   > popular as if you install a default WP, it shows only plain text. There are
   > several other popular CMS applications too available.
   > Mod Security is a Apache module. Modsec monitors all incoming HTTP requests
   > for malicious behavior, and does not complete requests that meet certain criteria.
   > These criteria are spelled out in what are called “rules” or “rulesets”.
   >  WP
   > found to be vulnerable all the time because of its themes, plugins, modules
   > etc. and this is not what we are saying but this is what you will find most
   > of the users complaining on WP forum itself. You will also find that for most
   > of the critical issues post on WP forum, no proper resolution has provided 
   > for them. The default installation of WP is always secure and should not create
   > such issues as it do not contain any customization, plugins, modules, themes
   > etc.
   > Because of these known vulnerabilities, modsec always trigger if there is any
   > malicious behavior noticed from web site and it blocks the user IP immediately
   > to avoid any major issues that may happen with it.
   >  This is a security measure
   > and not a problem on server. Unfortunately, there are some instances where 
   > legitimate requests are stopped as well due to the rules set but this can be
   > avoided by disabling modsec for that specific site. When modsec is triggered
   > by a piece of code that performs a legitimate function of your site, it is 
   > best to have that code rewritten so as not to trigger modsec. Each of modsec’s
   > rules catch attacks, so if modsec is treating your site code like an attack,
   > the problem is almost always with what the site code is doing.
   > When the site is not developed with your own code, and when it is a third party
   > application then you may have to turning off the specific modsec rule that 
   > the site triggers.
   > We have thousands of WP web sites on our Windows as well as Linux server and
   > successfully running those sites from last couple of years.
   >  Also its very 
   > rare someone contact us regarding their IP being blocked by accessing WP sites
   > which shows its not so common with our users. If you are facing this problem
   > frequently then its your WP site scripts which are making modsec to trigger
   > as those are found to be suspicious in nature. These are all standard rules
   > of modsec and not each custom so if you face any such issue with your web site
   > then you can inform us to disable modsec for it and we can get this for you.
   > But it is not something that we can make changes on server security just because
   > any specific WP site blocking the users.
   > We advertise about WP at :
   >  [http://www.storminternet.co.uk/hosting_wordpress.asp](http://www.storminternet.co.uk/hosting_wordpress.asp)
   > because we successfully host thousands of WP sites on our servers.
   >  If its 
   > just you who is facing issues with WP sites, it does not mean that we are unable
   > to handle wordpress.
   > Should you require any further information or if we can be of assistance with
   > anything else please do not hesitate to get in touch.
   > Kind regards,
   > Storm Internet Ltd | Senior Support Engineer
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Captain Slider] Slider stalls on 1st load until full cycle](https://wordpress.org/support/topic/slider-stalls-on-1st-load-until-full-cycle/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 10 months ago](https://wordpress.org/support/topic/slider-stalls-on-1st-load-until-full-cycle/#post-3610929)
 * No.. not yet. Captain Theme said he would send a fix 2 months ago. I think we
   are best off using an alternative.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [.htaccess not updating. Shows error404](https://wordpress.org/support/topic/htaccess-not-updating-shows-error404/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/htaccess-not-updating-shows-error404/#post-3814592)
 * Still cant find a solution? Any one seen this before?
 * > Hi,
   > Hopefully someone can help.. im stummped!
   > I cant make this site update the .httacess to allow permalinks.
   > It just shows Error404’s
   > If I then reset to default, it just an empty file with comments eg:
   > # BEGIN WordPress
   > # END WordPress
   > I have tried uploading # BEGIN WordPress
   >  <IfModule mod_rewrite.c> RewriteEngine
   > On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME}!-
   > d RewriteRule . /index.php [L] </IfModule> # END WordPress
   > Its in root directory
   > I have tried changing permissions
   > I have re installed WP
   > Any helpfill be appreciated
   > [http://www.blossomclothingcornwall.com/](http://www.blossomclothingcornwall.com/)
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [.htaccess not updating. Shows error404](https://wordpress.org/support/topic/htaccess-not-updating-shows-error404/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/htaccess-not-updating-shows-error404/#post-3814336)
 * Hi thanks for your reply.
 * It is enabled.
 * I have many sites on this server.. they all work fine… apart from this one
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [All my admin logins have changed to 'Chereckt'](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/#post-3801503)
 * Found this:
 * [http://brutegorilla.com/wordpress-default-themes-may-be-vulnerable-to-hacking/#axzz2Ut9hXw2H](http://brutegorilla.com/wordpress-default-themes-may-be-vulnerable-to-hacking/#axzz2Ut9hXw2H)
 * BruteGorilla March 23, 2013
    WordPress Default themes may be vulnerable to hacking
   continued after advt
 * If you are using or not using WordPress default themes, you could end up being
   hacked. I was checking into a worddefence security plugin (Click to get one) 
   alert and found this:
 * * Modified theme file: wp-content/themes/twentyeleven/languages/twentyeleven.
   pot
    * Modified theme file: wp-content/themes/twentytwelve/languages/twentytwelve.
   pot
 * This is not the first time, I am getting it.
 * If you are concerned, first try blocking:
 * Nigeria, 197.242.108.216
    AS37340 Spectranet Client: Win7 (1366x768x24) Firefox
   19.0 (JavaScript: 1.8, Cookie: Yes, Java: No)
 * It might help.
 * Read more: [http://brutegorilla.com/wordpress-default-themes-may-be-vulnerable-to-hacking/#ixzz2Ut9pS7dw](http://brutegorilla.com/wordpress-default-themes-may-be-vulnerable-to-hacking/#ixzz2Ut9pS7dw)
   
   Frontier India – news, Analysis, Opinion Follow us: @frontierindia on Twitter
   | frontierindia on Facebook
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [All my admin logins have changed to 'Chereckt'](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/#post-3801502)
 * Wordfence found the following new issues on ************
 * Alert generated at Friday 31st of May 2013 at 04:20:52 PM
 * Warnings:
 * * Modified theme file: wp-content/themes/twentyeleven/languages/twentyeleven.
   pot
    * Modified theme file: wp-content/themes/twentytwelve/languages/twentytwelve.
   pot
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [All my admin logins have changed to 'Chereckt'](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/#post-3801498)
 * They are editing the user table in mysql. Not sure if anything else yet
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [All my admin logins have changed to 'Chereckt'](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/#post-3801496)
 * I have, they are doing full scans. I know other storm internet users are affected.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [All my admin logins have changed to 'Chereckt'](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/#post-3801494)
 * Seen an infected file The file /public_html/wp//wp-content/themes/twentyeleven/
   languages/twentyeleven.pot
 * I restored it back to orginal
 * I found these usefull plugins:
 * [http://wordpress.org/plugins/wordfence/](http://wordpress.org/plugins/wordfence/)
   
   [http://wordpress.org/plugins/limit-login-attempts/](http://wordpress.org/plugins/limit-login-attempts/)
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [All my admin logins have changed to 'Chereckt'](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/#post-3801493)
 * Yes im with storminternet
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [All my admin logins have changed to 'Chereckt'](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/all-my-admin-logins-have-changed-to-chereckt/#post-3801438)
 * So you thing I have been hacked then? Not a bug?
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Smush – Image Optimization, Compression, Lazy Load, WebP & CDN] Nothing Happen](https://wordpress.org/support/topic/nothing-happen-6/)
 *  [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [13 years, 1 month ago](https://wordpress.org/support/topic/nothing-happen-6/#post-3621847)
 * Hi Ari,
 * No I dont think so? I dont really know what cdn is.
 * Its a stadard wordpress installation. No adjustments and files are in normal 
   directory.
 * Thanks tho
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Captain Slider] Slider stalls on 1st load until full cycle](https://wordpress.org/support/topic/slider-stalls-on-1st-load-until-full-cycle/)
 *  Thread Starter [webbadger](https://wordpress.org/support/users/webbadger/)
 * (@webbadger)
 * [13 years, 1 month ago](https://wordpress.org/support/topic/slider-stalls-on-1st-load-until-full-cycle/#post-3610895)
 * Same.. i didnt think my images were that big. And my server is ok.

Viewing 15 replies - 1 through 15 (of 24 total)

1 [2](https://wordpress.org/support/users/webbadger/replies/page/2/?output_format=md)
[→](https://wordpress.org/support/users/webbadger/replies/page/2/?output_format=md)