Forum Replies Created
-
AuthorPosts
-
Ouch! Excuse me but I pride myself on the work I have put into this plugin, and you might see that it is working for thousands of other contented users. The fact that I offer this great work for free (or more accurately: for voluntary donations) does not mean that you should expect it to be junk.
Now, if you are having an issue with a repeated infection then perhaps you would like to ask for more help rather than just writing my plugin off as “straight up doesn’t work”. It sounds to me like it is working when you scan and clean the site, but then you are getting re-infected again and again. There could be other vulnerabilities on this site or other sites on the same server that are letting the hacks in after the cleaning. If you want to tell me which site your are having trouble with and maybe provide some details about the problem, or screenshots, or your wp-admin login (you can email me directly if you want), then I can provide more help.
Also, You should understand that there are many hosting providers that offer cheap shared hosting solutions that are fundamentally insecure and at some point it does not matter how many great security plugins you have (or how much you pay for them) because nothing can stop the spread of some malware on a typical shared hosting account once it’s made it onto the server. Sometimes the only solution is to move your hosting to a more secure host.
Anyway, if your interested in receiving any help on this please consider contacting me again with some details that I might be able to shed some light on for you.
This is a CSS issue caused by a change in the default dashicon sizes in the stylesheet that were updated in a recent release of WordPress. I will have my own CSS in place to override these default styles in my next plugin release.
This is normal, and you can click on the “Skipped Files” link to see the list of files that were skipped. You will notice that most of them are binary file types that do not execute PHP code and some others may be empty files. You can hover over each file on the list to see why it was skipped.
I hope this explanation helps, and please let me know if you have any more questions.
It sounds like this could be a direct database injection. You should try changing your DB_PASSWORD and update the wp-config.php file to match.
Also, check to mat sure that there are no rogue admin users.
There are no “falsely registered” keys, and you should not try and register a key that you have on one site to another site. Each site gets it’s own key and each key should be registered to the site that it was generated for (not any other sites).
However, you can register all your sites to the same email address so that they are all on the same account, as I see that you have two URLs registered to this account. If you have registered any keys to another email address then simply login to http://gotmls.net/members with the password that was sent to that email and then transfer that registration to your main email account.
I found that your registration was only partially deleted, so it was not gone but not fully there either, meaning that it could not be added back. I deleted the rest of the registration so that you could re-register. Please try to re-register your site again. If it still does not work this time then please email me a screenshot or your wp-admin login and I can look into it further.
That message is not coming from my plugin. There must be something else that is interfering. Can you send me a screenshot so I can see what it might be?
It looks like both of your registered sites are up-to-date. Did you get it working or is this issue you are having on a different site?
Clicking the “Download new definitions!” button is the manual way to update them and it simply POSTS a form with the update values encoded in that page of your wp-admin. How would your host be blocking that? Do you get an error message? Do they have a post size limit maybe?
If you use the “Automatic Update” method that is available as premium feature then the update will be downloaded directly from my server. I’m not sure how your server could block that either without disabling all remote_get methods in your PHP version.
Yeah, I just moved somebody else from TSOHOST to my own Super Secure Hosting and the database injections that they were getting every 5 minutes stopped immediately. When they contacted TSOHOST about this continual threat to their TSO BD the support person responded saying only that the vulnerability has already been patched and there in no more danger on their server but the clients old DB on the TSO server continues to be reinfected even though their site was no longer hosted there.
Is that script being injected directly into your database, because if it is then this might not be a vulnerability that can even be stopped by a plugin. If the server has a root vulnerability then there is really nothing you can do to your site or your account to secure it. Your not hosting on TSOHOST by any chance are you? They still seem to be having repeated database injections across many of their DB servers that have nothing to do the user’s security.
The site appears to be clean now. Maybe you just needed to refresh the scan on that sucuri results page, because they will cache the original results and not show that your site is actually clean even after you have cleaned it.
Well no (you need WordPress for any plugin to run), but you could manually remove the files through FTP that siteground wants you to remove and then get them to restore access to your site so that you can clean the rest of the infection using my WordPress. Or you could ask them to restore your access specifically so that you can use my plugin to clean up the whole infection.
Otherwise, you might want to move your site to a more secure and cooperative hosting provider that will work with you to get the site cleaned up.
I have updated the definition with a fix for this new variant. Now the whole threat will be removed without leaving any syntax errors behind. Please download the latest definition updates and then run the complete scan again to remove the last of this threat from your site.
There is an emergency restore link on the “fixing” screen that gives you the option to revert the changes if it comes back with broken test results. Since you have probably missed that option I went ahead and restored that last file that was only partially fixed.
Just to let you know exactly what went wrong here, the file …/wp-content/plugins/fooboxV2/includes/foolic_class.php was only partially fixed, leaving behind some remnant scrap of the infection in that file and that is what was causing the error. I am working on the definition for that particular threat so that it will be completely removed in future scans.
-
AuthorPosts
