Uthar on "i.simpli.fi script harmful?"
So far all files seems to be clean and the following security plugins are not able to find anything: Sucuri Security - Auditing, Malware Scanner and Hardening Quttera Web Malware Scanner Asgard...
View ArticleJames Huff (MacManX) on "i.simpli.fi script harmful?"
Check WordPress's main index.php file (not your theme's index.php file).
View ArticleUthar on "i.simpli.fi script harmful?"
That one looks fine: <?php /** * Front to the WordPress application. This file doesn't do anything, but loads * wp-blog-header.php which does and tells WordPress to load the theme. * * @package...
View ArticleJames Huff (MacManX) on "i.simpli.fi script harmful?"
Ok, try deactivating all plugins. If that resolves the issue, reactivate each one individually until you find the cause. If that does not resolve the issue, try switching to the Twenty Fifteen theme to...
View ArticleUthar on "i.simpli.fi script harmful?"
Thanks for your help so far James. But the plugins and theme were the first two things I tried (as stated in my first post.) Another thing I tried was downloading all my data from the website and...
View ArticleAndrew on "i.simpli.fi script harmful?"
Whereabouts in the source code is this code being injected?
View ArticleUthar on "i.simpli.fi script harmful?"
At the bottom of my page, see screenshot below: http://oi61.tinypic.com/25fli8h.jpg Also you can find my blog at bots.uthar.nl if that may help in finding this problem.
View ArticleUthar on "i.simpli.fi script harmful?"
I finally found it. A widget to show visitor information from http://whos.amung.us was adding the script.
View ArticleCooLMinE on "Is my webserver compromised ?"
My antivirus has been detecting quite a few viruses/trojans lately. Mainly Backdoor:PHP/Shell.P Backdoor:PHP/WebShell.J I have been trying to identify the source of these files with no luck so far. The...
View ArticleAndrew on "Is my webserver compromised ?"
files are located at C:\Windows\Temp\ Is your website on this machine? I wouldn't expect a backdoor to be placed on a home computer if a website was hosted elsewhere.
View ArticleCooLMinE on "Is my webserver compromised ?"
Yes, my website is on this machine. It is a dedicated server running Windows Server 2012 R2. By default when something is uploaded or created using PHP, the file is created in the temp folder (based on...
View ArticleCooLMinE on "Is my webserver compromised ?"
Extra information from the event log: Name: Backdoor:PHP/WebShell.J ID: 2147683134 Severity: Severe Category: Backdoor Path:...
View ArticleUthar on "i.simpli.fi script harmful?"
Just for future reference and additional information for users with a similar problem. I contacted whos.amung.us and got this reply: Simpli.fi is not malware, it is a data categorization service used...
View Articledgfrench on "All plugins disappeared"
All of my plugins disappeared from the WP browser admin interface yesterday. I took a server snapshot & am following suggestions from: this post It does appear that there was a line of code...
View Articlemwhoyle on "Someone is trying to hack my site"
Have you worked through the steps on this page? Definitely a good starting point. http://codex.wordpress.org/Hardening_WordPress
View Articlemwhoyle on "Someone is trying to hack my site"
The most common attacks against a WordPress blog usually fall into two categories. 1. Sending specially-crafted HTTP requests to your server with specific exploit payloads for specific vulnerabilities....
View ArticleTara on "All plugins disappeared"
It does appear that there was a line of code injected into each PHP file within the plugins. first off, use this plugin to check for exploits and malware:...
View Article