Bill C.

Forum Replies Created

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • in reply to: Scripts in page content #841

    Bill C.
    Member

    Thanks for responding Eli.

    I was able to remove all the scripts using SQL replace as you suggested.  In case anyone else ever has this issue, I will note that I was able to escape the single quotes by inserting two single quotes in their place and I was able to escape newlines with \n

    so, the SQL command looked like this:

    UPDATE wp_posts

    SET post_content = REPLACE (post_content,’<malicious js>’, ‘ ‘)

    Obviously I would recommend backing up your database before attempting a command like this.

    I am new to WordPress, having previously worked only with Drupal in terms of CMSs.  In an attempt to plug the security hole that could have allowed this hack, I have deleted a bunch of old users that were not in use, changed the passwords for active users, changed the DB password, updated WordPress and all plugins to the latest versions, applied your plugin’s Login patch, and asked my contact to notify the server administrator so they may change any relevant passwords.

    Thanks again.

    in reply to: Scripts in page content #838

    Bill C.
    Member

    Hello,

    I apologize if this question has been answered already, but I did not see it in the Faq nor in the forums.

    A client’s site has apparently been infiltrated and javascript eval statements have been inserted into the page content.  They have a lot of pages, so I was hoping this plugin would look through all the pages and remove all the malicious code.  But GOTMLS does not seem to identify malicious scripts in the page content.

    Am I correct in realizing that GOTMLS only searches files on the filesystem for malicious scripts and does not actually scan page content?

    Thanks in advance!

    • This topic was modified 10 years, 7 months ago by  Bill C..
Viewing 2 posts - 1 through 2 (of 2 total)