Forum Replies Created
-
AuthorPosts
-
This URL is already in my latest definitions of DB Injections, but this one looks like it might have been injected directly into your theme’s footer.php file. Can you please send me the footer.php file from your theme so that I can added this new variant to my definition updates. Then it can be automatically removed from any files using my plugin in future scan.
I see that your site is currently registered with that key. If you still don’t see the registration form your end then try clearing yoru cache and refresh your wp-admin page. Also, check your browser’s Console for JavaScript error. And let me know if you still don’t see the registration on your end.
It looks like my plugin removed some malware, but the PHP Warnings on your site are from something else. I think you must have upgraded PHP or something because these are deprecation warnings about functions and methods in your plugins and theme that are no longer supported in the version of PHP you have installed on this server. You could also ask your hosting provider to help you turn off those PHP warnings in the configs so that it doesn’t show on the front end of your website.
I see that your site is actually registered correctly under this account, so maybe there is some kind of JavaScript blocker that is breaking the registration check on your end. Can you check the Console tab on your browser’s Inspector to see there are any JavaScript errors on that page?
The donation was automatically applied to your registered Key for that site. You should now enable the Automatic Update feature on the Anti-Malware Setting page in your wp-admin, then click Save and the Core Files Definitions will be installed automatically.
If you do not see the option that I am talking then please send me a screenshot so that I can help you further.
I would guess that it really was infected. It is common to be repeatedly reinfected in the same way using the same exploit that allowed you to be infected in the first place. In fact I can see some spam scripts in the headers of your site but it looks like you have removed my plugin so I’m not sure how I can help you with this.
If you would like to reinstall my plugin and give it another try then I might be able to provide you with some guidance that could help you resolve this issue for good.
That should be more than enough. Maybe those settings are not taking effect. Have you checked those values by calling the phpinfo(); in some standalone php file to make sure that what you have set is actually changing those php settings?
After scanning and cleaning your site you will then need to login to your Google Search Console (formerly Webmaster Tools) and request a review and/or upload a sitemap. You can also use the View as Google Bot option to see your page as Google sees it, but you must understand that Google caches all their search results and every page that they index will take some time to revisit and clear the old content, even after you have cleared it from the active pages on your live site.
Can you please send me a link to the infected pages and an sample of the malicious code being displayed on those pages so that I can look into this further and get these new threats added to my definition updates?
March 18, 2020 at 1:21 pm in reply to: Google ads disapproved my ads because of "malicious software" links #2443I don’t see these links on your site any more so maybe you have already removed this threat. If Google is still refusing to approve your ads then they might be reacting based solely on they cache of your site from a time when it might have been infected.
I am still working on an auto-scan feature but it just isn’t ready yet. I will let you know when I have this feature available.
If you can send me those ‘<script’ tags which are not being removed by my plugin then I will add them to my definition updates so that they will be automatically removed in future scans.
Also, if you are still getting database injections on a regular basis I would suggest that you focus on hardening your DB security on your server. Start by changing your DB_PASSWORD and updating your wp-config.php to match. If that does not stop these injections and your host has no other security to offer then I would suggest moving your site to a move secure hosting environment.
Thanks for reporting this issue. I will have this Deprecation Notice resolved in my next plugin release. In the mean time you should probably turn off error_reporting for Deprecated Notices in your php.ini file:
error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATEDI see a bunch of sites registered to your account. Try clearing your cache and refreshing your wp-admin page to see if it shows that you are already registered. If not then send me the key that you are trying to register and I will check it for you.
If your site is on a shared hosting account then this kind of attack could be coming from any of the other sites on this server, it could even be coming form a site that is not under your account.
If you have cleaned every site on your account and it still comes back then I would advise that you move your site to am ore secure hosting environment.
-
AuthorPosts
