Forum Replies Created
-
AuthorPosts
-
You can send me these files that are on your list and I will check them for you and add them to my definition updates.
Yes and yes
May 20, 2016 at 1:03 pm in reply to: How to delete infected files, and how to prevent the re-intrusion of malware #1580My plugin will remove Known Threats (in Red). If you are removing those Threat with my Automatic Fix and they are coming back the next day then you may need to move you site to a more secure server. I do offer Super Secure Hosting for $12/month per site if you are interested, I can more your site to one of my servers and I guarantee it will not be reinfected again.
If you want to share more info about your problem you can email me directly (a screenshot would be very helpful).
Web browsers get that kind of information from Blacklists which are not updated as quickly as you can clean your site. You still need to request a review to get your site off the blacklists.
Yes, both Google and Sucuri cache they results but at lease you can click the link at the bottom of the sucuri scan results to clear the cache and show the current scan results.
With Google you have to wait until they have re-indexed all those pages and that can sometimes take a while. You can speed up the process in your Google Webmaster Tools account for that site if you can Request a Review, or at least update your current XML sitemap.
No, unfortunately, plain text and HTML is harder to discern good from evil as it is more up to the individual site owns to decide what kind of content they want in their posts. Also, the DB contents is not obfuscated so it’s easy to spot and it cannot be executed on your server so it is generally not as dangerous either.
Fortunately, it not hard for you to remove any of the content that you don’t want in your own posts just by using the text tab in the post editor’s content window.
I would like to help you resolve this issue but I have yet to be able to recreate that error on any of my sites using 4.5, can you provide more info please?
First, it looks like some of that error message you posted is missing. It usually starts out telling you WHAT is deprecated.
Also, it looks like the problem is in your wp-includes/functions.php file, not in my plugin. Maybe you had an incomplete install when you upgraded to 4.5, can you check you Core Files and replace that functions.php file with the version that should have been installed from https://core.svn.wordpress.org/trunk/wp-includes/functions.php (right-click that link and choose save)?
If you have the Core Files Definitions from the premium version of my plugin than you can run the Core Files Quick Scan and fix that file if it’s broken or not the right version.
Please let me know what you find…
256m is a lot but maybe it needs 512m for this file, it is a really large file. Also, maybe there is some other reason it’s not cleaning it, like file permissions or process timeout. Is there an error message of any kind when it fails?
No, Actually that threat is already in my definitions but I think it’s not finding it on your server because of a memory_limit setting in your php.ini file, because that file is very large.
Thanks for sending me this login info. I can see that it was not my plugin that caused this error on your site.
The errors are caused be the static calls to get_sidebars() and name_to_class() on lines 52 and 57 in wp-content/themes/AVADA-3.0/framework/plugins/multiple_sidebars.php
My plugin didn’t touch that file and I restored the two files it did fix in your theme but that did not fix the error so I removed those two malicious threats again. It looks like that theme is using bad code and it needs to be fixed. Maybe there is an update or something. You should check with the developer or reinstall the theme (or another theme).Thanks for sending these to me! I have fixed the definition that found that threat in your theme header so that it no longer breaks the syntax of that file when it fixes it (it was accidentally removing too much code).
I am working on that other threat now to see why it does not clean it…
It sounds like whatever security hole allowed this hacker to exploit your site is still there. If you have run a Complete Scan on your entire site but the same threats keep coming back then the root of the problem might not be inside this site at all.
Is this site hosted on a shared server with other sites? Is possible that one of the other sites on this server is infected and that infection is spreading onto your site.
It seems to be working fine now. I can see that both plugins have the protection installed on you login page now and there is no conflict. You server’s sessions are working normally now and you should not get blocked when you try to login. I’m not sure what caused the problem you originally had but looks like it’s working fine now.
Please let me know if you have any more problems with it.
No, I am not asking to see any scan log because the details I want to see are not saved. The full detail of a scan are only presented in real time at the end of the scan.
If you have already downloaded the latest definition updates then please run the Complete Scan again and show me what it finds.
It looks like you have disabled my plugin so I cannot test it on your site. The error you got was a “No Session” error, which means that your server was not maintaining a persistant session thoughout your login attempts. I can’t tell you why your sessions are not working without access to your site but I can see that you are also using All-in-One WordPress Security maybe there was a conflict with that plugin’s login page additions, I will test that plugin on my site. Which of the two plugins did you install first? and What was the last change you made to you security or serv setting before you started having this problem?
-
AuthorPosts
