Tech Anyone know what kind of malware is that ? - Page 2 - GoFuckYourself.com

Brian mike · 03-14-2018, 09:48 AM

Quote:

Originally Posted by sarettah

The most common Wordpress injections are probably through too loose of security on file/folder permissions. All security should be as tight as possible while still allowing the site to operate.

If you do not need uploads then the uploads folder should not be 777, same with cache folders and other commonly "left wide open" folders.

There should be no plugins installed or present in the plugins folder that are not being used. Same with themes, if you are not using the theme remove it from the server.

Wordpress is a security mess in my opinion.

.

Thanks

sarettah · 03-14-2018, 09:51 AM

Quote:

Originally Posted by Brian mike

"the problem is that how this code entered in footer.php?
manualy ? who added that this is the problem"
<div style="display: none;" class="mdlWrap">
<div class="mdlOverlay"> </div>
</div>

When the themes Dev wrote me this ^^^ i think this is what it mean because
he also said ; this is not part of the theme code

It appears to me that that code is part of the theme or at least it is present in the bestia demo on the website:

Have you looked in your original download of the theme to see if it is in there? If it is then it is part of the theme and not injected.

.

Brian mike · 03-14-2018, 09:59 AM

Since this morning all file deleted and change theme already.
Can't look for this anymore. Free wordpress theme and will hire a designer for custom design.
That will do it for now lol

Best-In-BC · 03-14-2018, 10:01 AM

adultwpthemes · 03-14-2018, 10:02 AM

Quote:

Originally Posted by sarettah

It appears to me that that code is part of the theme or at least it is present in the bestia demo on the website:

Have you looked in your original download of the theme to see if it is in there? If it is then it is part of the theme and not injected.

.

its a part of theme but the skype conversation with him was some days ago and I had new bootstrapped bestia files (localhost) than I thought that its not my code but its an old conversation today I was asking access to check wtf is happening there and I got only swearing thats all here.

So the code is from an old version forgotten there in footer.php but it does nothing.Question is: Where is the ViruS?

He could try to switch to the default theme from the begining but just wants to play here! Because he knows where was the problem a person who run an AD NETWORK until now, He found the solution I think but is embarrassed to say sorry.

Brian mike · 03-14-2018, 10:11 AM

Quote:

Originally Posted by adultwpthemes

After answering him like a dumb fuck idiot on skype
i could not figure out what the problem was

Fixed it for ya

This is why i have open the thread here for the HARDCORE guy could help your sorry ass.

I have even protect the theme name POST #3

why that ? I was trying to help You Idiot.

Now you reply on the board like you are in control of your shit but on skype YOU PLAY DUM SHIT with client. Wake the fuck up next client complain.

nico-t · 03-14-2018, 11:32 AM

Quote:

Originally Posted by Brian mike

1- STOP selling your script if they have bugs
2- FIX your shit
3- if #2 dosen't work Go back to school to learn coding again.
4- GO FUCK YOUR SELF

this thread took an amusing turn

VRPdommy · 03-15-2018, 07:47 AM

Quote:

Originally Posted by Brian mike

Thanks for the tips appreciated,

unique name server, unique ip, unique ftp, unique password for each website . what do i miss ?

Oh yeah i know now STOP buying and trying new Theme

Easy fix lol

What I was referring to in non standard is...
whatever cms software you are using has a known directory structure. Change it.
Requires some effort on your part but if you do this and lock down your .htaccess is a big step in stopping automated scripting hacks.

I would also log ip's so that when you identify a breech, you can block the ip or range of ip's. .htaccess can be your friend. Block unknown bots or any excessive hits that don't make sense.... they are looking at your directory structure... that also means you need to be pro-active and pay attention to your traffic and i mean all of it.
Point is, if you are only going to do what your cms software wants/needs, you will loose this battle every time and repetitively. Lot's of wasted time just fixing it.

Think 'non-standard' and alter your installs. Take your time and think methodically.
Admittedly, this also means that for most that you have to learn more about how it all works. Time well spent.

03-14-2018, 09:59 AM	#53
Brian mike #Alberta51 Industry Role: Join Date: Oct 2014 Location: USA Territory (Alberta) Posts: 7,959	Since this morning all file deleted and change theme already. Can't look for this anymore. Free wordpress theme and will hire a designer for custom design. That will do it for now lol __________________ Tube - Cam - Escorts - Top List Menu Tab - Banner - Header Link - Blog Post DM me

03-14-2018, 10:01 AM	#54
Best-In-BC Confirmed User Join Date: Jun 2002 Posts: 9,506	__________________ Vacares - Web Hosting, Domains, O365, Security & More Unparked domains burning a hole in your pocket? 5 Simple Ways to Make Easy $$$ from Unused Domains