Hi, i’m hoping you might be able to help, more than happy to donate if you think this plugin will help resolve my issue
I have updated the defintions etc..
PHP:7.0.1
Apache
WordPress:4.9.2
Plugin:4.17.44
Definitions:I21Dg
Your Installation Key is Registered:
No Newer Definition Updates Available.
Scan has been ran with the following results, I have also clicked the fix button…
Known Threats
…/public_html/wp-content/plugins/fusion-builder/inc/lib/inc/class-fusion-fusionredux.php
…/public_html/wp-content/themes/Avada/includes/lib/inc/class-fusion-fusionredux.php
0 Quarantined Files
Found 0 htaccess Threats
Found 0 TimThumb Exploits
Found 0 Backdoor Scripts
Found 2 Known Threats
Found 0 Core File Changes
The issue persists still on my website though unfortunately, sucuri online scan suggests the following:
Known javascript malware. Details: http://labs.sucuri.net/db/malware/rogueads.unwanted_ads?1 <p> <script type="text/javascript" src="//go.oclasrv.com/apu.php?zoneid=1086384"></script>//<
Chris
This issue still remains on this site, I have changed all the passwords etc and the above always comes back again. Having quarantined the above files and running the scan again it is not identifying the problem, could it be within the core files? would it be worth me upgrading the service at this point, like I say, i’m more than happy to contribute if this is the right service to get rid of this issue.
Thanks
The site appears to be clean now. Maybe you just needed to refresh the scan on that sucuri results page, because they will cache the original results and not show that your site is actually clean even after you have cleaned it.
It’s clean at the moment, I’ve only within the post hour reinstalled the clean database, the problem is likely to reoccur within the next 24hours though as it had done previously, I’ll report back if it does as I’ve just changed all the passwords again from a different computer, dB, FTP, host, admin etc. I’ve also overwritten the original wordpress files to see if this helps.
If it comes back then I’ll let you know as this plugin was not picking up the issue described above.
Thanks
Is that script being injected directly into your database, because if it is then this might not be a vulnerability that can even be stopped by a plugin. If the server has a root vulnerability then there is really nothing you can do to your site or your account to secure it. Your not hosting on TSOHOST by any chance are you? They still seem to be having repeated database injections across many of their DB servers that have nothing to do the user’s security.
it’s vidahost on this one, which I think is part of TSOHOST possibly…? I have raised it with them as an issue on their end potentially but getting the usual scripted responses from them, just making sure I check everything my end but will likely move host if it continues.
Yeah, I just moved somebody else from TSOHOST to my own Super Secure Hosting and the database injections that they were getting every 5 minutes stopped immediately. When they contacted TSOHOST about this continual threat to their TSO BD the support person responded saying only that the vulnerability has already been patched and there in no more danger on their server but the clients old DB on the TSO server continues to be reinfected even though their site was no longer hosted there.
