Anti-Malware Admin

Forum Replies Created

Viewing 15 posts - 271 through 285 (of 690 total)
  • Author
    Posts
  • in reply to: Brute Force not installed #2146

    Anti-Malware Admin
    Key Master

    In general this message indicates that your server was either unable to start a persistent session or that the rewrite rules in the .htaccess files are not affective. There could be many causes for this that you should bring up with your hosting provider. Maybe you have restricted access on some directories or there is a permission problem on certain folder. If your hosting provider is not helpful in this and you can send me a screenshot of the Firewall settings page then I can try to help you troubleshoot further.

    in reply to: How can I change my email address? #2144

    Anti-Malware Admin
    Key Master

    You can unregister a site or transfer your registrations from the members page. Or you can simply re-register a site by ckicking on the green checkbox in the upper-right side of the Anti-Malware Setting page in the wp-admin on that site.

    in reply to: Why Are My Files Skipped?? #2139

    Anti-Malware Admin
    Key Master

    The scan will also automatically skip empty files and whitelisted files and this is ok, it does this to speed up the scan process. If you hover over the file listed it will pop-up and tell you why it was skipped.

    in reply to: Whitelist not available #2133

    Anti-Malware Admin
    Key Master

    If the scan finds a file that is marked as a Known Threat then you can click on the red linked file to examine the contents. There you will have the option to whitelist that file, however, this is a passive action that does not really solve anything and ignores the bigger issue. Either you are whitelisting an infected file that contains malicious code which should not be whitelisted or my plugin is incorrectly flagging this code as a Known Threat when it should not be. Can you please send me the file or files that you are wanting to whitelist so that I can check them and make adjustments to my definition updates if needed?

    in reply to: malware not detected #2131

    Anti-Malware Admin
    Key Master

    My plugin should find this threat. Can you send me a screenshot of the scan results or send me your wp-admin login so that I can take a look?

    in reply to: Brute-force Protection Not Installed #2124

    Anti-Malware Admin
    Key Master

    That error means that there is no response from your server when testing the session feature. I am not sure why your site will not start a session but it is usually due to a server configuration issue, like php.ini settings or the permissions on the /tmp/ directory (or wherever the session files are kept on your server). Check your server’s error_log files and ask your host to verify that session files can be stored on your server.

    in reply to: Failed: file not writable! #2122

    Anti-Malware Admin
    Key Master

    So You cannot change the file permissions in FileZilla. I’m sorry that your host was not more helpful. You may be able to fix the permissions on these files using your hosting control panel, there is usually some kind of file manager that can change the permissions for you. Otherwise you would have to convince your hosting provider to step up and help you or else move your sites to another host.

    How many sites do you have on this host?

    in reply to: Failed: file not writable! #2119

    Anti-Malware Admin
    Key Master

    It would seem that there is a permission issue on those files that prevents them from being fixed by any PHP process on your webservers. You could try to change the permissions on those files so that they can be automatically fixed by my plugin.

    If you need more specific guidance then I would need more detailed information about the specific situation on your server. Please feel free to send me screenshots or any other specific info that might help if you need further assistance.

    in reply to: Error: #2118

    Anti-Malware Admin
    Key Master

    By default the Firewall Option to block User Enumeration is Automatically Enabled. This means that any attempt to pass a numeric value for the Author property in the URL that is not in the wp-admin path is automatically redirected. You can choose to disable this protection in the in the Firewall Option under the Anti-malware Setting if you want to allow these link to enumeration pathes that are not under /wp-admin/.

    in reply to: Brute Force Patch #2115

    Anti-Malware Admin
    Key Master

    You would need to fix whatever is wrong with that server that prevents it from creating a persistent session. Maybe it is the wrong permissions on the /tmp/ directory or that partition is full, or maybe the session path is set to a directory that does not exist. You would need to refer to your error_log files to find the answer that pertains to your particular situation.

    in reply to: Malware not found #2113

    Anti-Malware Admin
    Key Master

    Try editing that teenage-cancer-trust page in your wp-admin and just remove the viagra link that was injecting into your DB content.

    in reply to: Sucuri entry/MW:BLK:2 WordPress #2110

    Anti-Malware Admin
    Key Master

    The MW:BLK:2 is just a generic label that sucuri assigns to that type of infection, it refers to a blacklisted domain used in your site’s code.

    If you click on the details and is says 31wp.org then you would need to look for script references in your site’s HTML that point to 31wp.org. Sucuri has labeled the jquery.js URL at that domain as a malicious threat but that URL does not seem to be working any more anyway so I think your site will be ok. Just just the page content for script tags and make sure your theme does not refer to 31wp.org in the header.php or footer.php files.

    in reply to: Malware not detected #2107

    Anti-Malware Admin
    Key Master

    Sorry but I did not get your email.

    The MW:BLK:2 label that you first asked me about refers to a blacklisted domain which is used in your Newspaper theme’s header and footer to load remote scripts from fastestwaytocome.com.

    These external scripts were probably hacked to redirect traffic to those other sites.

    First check the origin install files for that theme that you downloaded from their site to see if those script references were injected into your copy or if there were an intentional part or the theme’s design. Then remove those scripts from the header and footer to see if that stop the redirects.

    Also, please send me a copy of those infected header and footer files. You can email me directly:
    eli AT gotmls DOT net

    in reply to: All usernames changed to dexter #2104

    Anti-Malware Admin
    Key Master

    This sounds like it could be a direct SQL injection. the hacker might have access to alter your database without having access to your servers filesystem. You can try changing your DB_PASSWORD and updating your wp-config.php file to match the new password in the hopes that the hackers cannot get back in but if they have root access to your DB server then you would need to move to a more secure host (unless your current hosting provider can make you DB more secure on their server).

    in reply to: Malware not detected #2101

    Anti-Malware Admin
    Key Master

    That is not a link to a malware definition, that is just a generic label that sucuri assigns to that type of infection.

    Can you please give me some information that will enable me to help you with this issue (infected URL, link to sucuri scan results, or you installation key for this domain)? Feel free to contact me directly if you do not want to post this on my public forum.

Viewing 15 posts - 271 through 285 (of 690 total)