Forum Replies Created
-
AuthorPosts
-
The donation was automatically applied to your registered Key for that site. You should now enable the Automatic Update feature on the Anti-Malware Setting page in your wp-admin, then click Save and the Core Files Definitions will be installed automatically.
If you do not see the option that I am talking then please send me a screenshot so that I can help you further.
I would guess that it really was infected. It is common to be repeatedly reinfected in the same way using the same exploit that allowed you to be infected in the first place. In fact I can see some spam scripts in the headers of your site but it looks like you have removed my plugin so I’m not sure how I can help you with this.
If you would like to reinstall my plugin and give it another try then I might be able to provide you with some guidance that could help you resolve this issue for good.
That should be more than enough. Maybe those settings are not taking effect. Have you checked those values by calling the phpinfo(); in some standalone php file to make sure that what you have set is actually changing those php settings?
After scanning and cleaning your site you will then need to login to your Google Search Console (formerly Webmaster Tools) and request a review and/or upload a sitemap. You can also use the View as Google Bot option to see your page as Google sees it, but you must understand that Google caches all their search results and every page that they index will take some time to revisit and clear the old content, even after you have cleared it from the active pages on your live site.
Can you please send me a link to the infected pages and an sample of the malicious code being displayed on those pages so that I can look into this further and get these new threats added to my definition updates?
March 18, 2020 at 1:21 pm in reply to: Google ads disapproved my ads because of "malicious software" links #2443I don’t see these links on your site any more so maybe you have already removed this threat. If Google is still refusing to approve your ads then they might be reacting based solely on they cache of your site from a time when it might have been infected.
I am still working on an auto-scan feature but it just isn’t ready yet. I will let you know when I have this feature available.
If you can send me those ‘<script’ tags which are not being removed by my plugin then I will add them to my definition updates so that they will be automatically removed in future scans.
Also, if you are still getting database injections on a regular basis I would suggest that you focus on hardening your DB security on your server. Start by changing your DB_PASSWORD and updating your wp-config.php to match. If that does not stop these injections and your host has no other security to offer then I would suggest moving your site to a move secure hosting environment.
Thanks for reporting this issue. I will have this Deprecation Notice resolved in my next plugin release. In the mean time you should probably turn off error_reporting for Deprecated Notices in your php.ini file:
error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATEDI see a bunch of sites registered to your account. Try clearing your cache and refreshing your wp-admin page to see if it shows that you are already registered. If not then send me the key that you are trying to register and I will check it for you.
If your site is on a shared hosting account then this kind of attack could be coming from any of the other sites on this server, it could even be coming form a site that is not under your account.
If you have cleaned every site on your account and it still comes back then I would advise that you move your site to am ore secure hosting environment.
You can go with the Pro Plan to cover what you need for these sites. This server is in Eastern Canada which should be fine but I do have other server in the US if you would prefer that.
I’ll give credentials to the server once you sign up. I can also help you move the sites over when you are ready. From here on you should email me directly either by replying directly to the email notification of this post or by emailing:
support [AT] supersecurehosting.comI don’t have any firm limits but I would need to make sure that I put your sites on a server that can handle your needs. These are not VPSs, what I offer is fully managed hosting on a modified CentOS kernel using cagefs to chroot each site into it’s own virtual filesystem, so no hacks can find their way from one site any other site on my servers. The server I have in mind for you would be a quad core with 32Gigs of RAM and 2 480 raided SSDs. I have a website for you to sign up for hosting services but I don’t promote it or offer much info on the site. My focus is on security and stability and so I only offer this my hosting to people who I feel really need it.
If you scan the public_html directory on the main site then it will probably scan all the sub-sites, it just depends on how your sites are structured on the filesystem.
The most important thing is to get all you sites clean at the same time. If you scan all your sites, and remove all the malware, and then scan all your sites again, and they are all fine for a little while, then the problem may not be coming from any of your sites. This malware could be spreading from a site on another account on that server. In that case you should probably move all your sites to a move secure server where they will not be exposed to cross-site contamination from other users.
I do offer Super Secure Hosting for $12/month per site. I could host all 4 sites for $44/month and they would never get hacked again. Let me know if you are interested and I can help you move your sites over to one of my Super Secure servers.
So there must be some other threats on the server that are re-writing these files. Have you run the Complete Scan on the site’s root directory?
Do you have any other sites on that server that might also be infected?
Can you send me a screenshot of the results from the Complete Scan right after you have cleaned these infections?
-
AuthorPosts
