I cleaned a customers site and locked down the site with a firewall plugin etc reset DB passwords. Your plugin found a backdoor and 2 known issues. I cleaned all of those and further scans show nothing. The original issue the user noticed was bogus posts that were published. I was able to remove all of them, however currently about ever couple hours a handfull of blank posts are creating as drafts, no content and the titles are taken from other posts. Wondering if anyone has run into something like this, running out of ideas.
If those new drafts are not being generated by a local script (might not even be in the site directory, look for php files in the user’s home directory and check for cron jobs), then it could be a direct SQL injection using your DB credentials, otherwise it might also be entered from an admin’s local PC that is infected with a BHO or XSS exploit.
Viewing 2 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic.
Comments are closed.
Get instant updates to new definitions files as new threats are discovered.
*All fields are required and I will NOT share your information with anyone.
Thank you very much! Your plugin rescued my website and saved me a lot of time by not having to use the backup to restore it. I did few other scans from some 'pro' antivirus plugins, but nothing seemed to work, and they ask for a lot of money to go premium with no guarantee that it's going to solve the problem... With your plugin it's different, I could test it first. Thank you so much! It was a pleasure to send my donation too. -- Przemyslaw Jarocki
I cannot say how thankful I am to Eli and his plugin. Simply the best support I have ever received from any company. I posted a support question and he literally emailed me in 30 mins and helped me through the issue. Amazing !! We cleaned 2 entire sites with Malware and saved me a ton of $.
I have since then implemented the plugin on a number of my sites. -- chris jones