willt87
Forum Replies Created
-
Hi @taisho you probably need a device and a card that is registered to Apple Pay to see it.
In the end I coded for my functions.php file and added some styling that did the trick.
Thank you though.
If you don’t need Apple Pay, I thoroughly recommend this plugin.
Forum: Plugins
In reply to: [WP Stripe Checkout] Customer nameAlso is there an email address tag that can be included in the payment confirmation email? Thanks
Forum: Fixing WordPress
In reply to: Site hacked – nemonn tag infected with scam descriptionThis is what I have found out about “nemonn”
Just removing the obfuscated javascript from the header will not work permanently.
There will be an additional base64 coded file elsewhere (the backdoor)- and possibly more than one. They seem to be located in the core wp-admin directory and are randomly named but seem to follow the update-randomname-randomname.php taxonomy.
Just updating / reinstalling WordPress from the admin won’t remove this file.
Additionally you should follow guidance given elsewhere for changing ALL passwords (FTP, database and WordPress admins) and follow instructions for Hardening WordPress.
Forum: Fixing WordPress
In reply to: Hacked/Malware, need help pleaseThis is what I have found out about “nemonn”
Just removing the obfuscated javascript from the header will not work permanently.
There will be an additional base64 coded file elsewhere (the backdoor)- and possibly more than one. They seem to be located in the core wp-admin directory and are randomly named but seem to follow the update-randomname-randomname.php taxonomy.
Just updating / reinstalling WordPress from the admin won’t remove this file.
Additionally you should follow guidance given elsewhere for changing ALL passwords (FTP, database and WordPress admins) and follow instructions for Hardening WordPress.
Forum: Fixing WordPress
In reply to: A new spam hack – including on wordpress.orgThis is what I have found out about “nemonn”
Just removing the obfuscated javascript from the header will not work permanently.
There will be an additional base64 coded file elsewhere (the backdoor)- and possibly more than one. They seem to be located in the core wp-admin directory and are randomly named but seem to follow the update-randomname-randomname.php taxonomy.
Just updating / reinstalling WordPress from the admin won’t remove this file.
Additionally you should follow guidance given elsewhere for changing ALL passwords (FTP, database and WordPress admins) and follow instructions for Hardening WordPress.
Forum: Themes and Templates
In reply to: [Theme: Meeta] How to remove Popular Posts Tags in HeaderThis is what I have found out about “nemonn”
Just removing the obfuscated javascript from the header will not work permanently.
There will be an additional base64 coded file elsewhere (the backdoor)- and possibly more than one. They seem to be located in the core wp-admin directory and are randomly named but seem to follow the update-randomname-randomname.php taxonomy.
Just updating / reinstalling WordPress from the admin won’t remove this file.
Additionally you should follow guidance given elsewhere for changing ALL passwords (FTP, database and WordPress admins) and follow instructions for Hardening WordPress.
Forum: Fixing WordPress
In reply to: SEO IssuesYes, just delete it. It won’t affect the functionality of your site. The bigger issue is how it got there in the first place.
Change all your passwords (FTP, database and wordpress admin).
I’ll let you know if I find any secondary hacks.
Forum: Fixing WordPress
In reply to: Hacked/Malware, need help pleaseThat is almost certainly the file! But it’s possible that there are others. Delete it and change all your passwords (FTP, database, wordpress admin).
Forum: Fixing WordPress
In reply to: SEO IssuesA client of mine was hacked with ‘neonmm’ in recent days on GoDaddy hosting.
I found a base64_decode file called upgrade-merrili-janean.php in the core wp-admin directory, which I’m pretty sure is connected.
Hope this helps someone.
Forum: Fixing WordPress
In reply to: Site hacked – nemonn tag infected with scam descriptionA client of mine was hacked with ‘neonmm’ in recent days on GoDaddy hosting.
I found a base64_decode file called upgrade-merrili-janean.php in the core wp-admin directory, which I’m pretty sure is connected.
Hope this helps someone.