GoFuckYourself.com - Adult Webmaster Forum
Page 2 of 2 < 1 2
Show 40 post(s) from this thread on one page

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Tech Anyone know what kind of malware is that ? (https://gfy.com/showthread.php?t=1296637)

Brian mike 03-14-2018 09:48 AM
Quote:
Originally Posted by sarettah (Post 22237392)
The most common Wordpress injections are probably through too loose of security on file/folder permissions. All security should be as tight as possible while still allowing the site to operate.

If you do not need uploads then the uploads folder should not be 777, same with cache folders and other commonly "left wide open" folders.

There should be no plugins installed or present in the plugins folder that are not being used. Same with themes, if you are not using the theme remove it from the server.

Wordpress is a security mess in my opinion.

.
Thanks :thumbsup

sarettah 03-14-2018 09:51 AM
Quote:
Originally Posted by Brian mike (Post 22235979)
"the problem is that how this code entered in footer.php?
manualy ? who added that this is the problem"
<div style="display: none;" class="mdlWrap">
<div class="mdlOverlay">&nbsp;</div>
</div>

When the themes Dev wrote me this ^^^ i think this is what it mean because
he also said ; this is not part of the theme code
It appears to me that that code is part of the theme or at least it is present in the bestia demo on the website:

http://www.madspiders.com/images/bm_viewsource.jpg

Have you looked in your original download of the theme to see if it is in there? If it is then it is part of the theme and not injected.

.

Brian mike 03-14-2018 09:59 AM
Since this morning all file deleted and change theme already.
Can't look for this anymore. Free wordpress theme and will hire a designer for custom design.
That will do it for now lol :)

Best-In-BC 03-14-2018 10:01 AM
:GFYBand:food-smil10:food-smil10:food-smil10:party-smi

adultwpthemes 03-14-2018 10:02 AM
Quote:
Originally Posted by sarettah (Post 22237416)
It appears to me that that code is part of the theme or at least it is present in the bestia demo on the website:

http://www.madspiders.com/images/bm_viewsource.jpg

Have you looked in your original download of the theme to see if it is in there? If it is then it is part of the theme and not injected.

.
its a part of theme but the skype conversation with him was some days ago and I had new bootstrapped bestia files (localhost) than I thought that its not my code but its an old conversation today I was asking access to check wtf is happening there and I got only swearing thats all here.

So the code is from an old version forgotten there in footer.php but it does nothing.Question is: Where is the ViruS?

He could try to switch to the default theme from the begining but just wants to play here! Because he knows where was the problem a person who run an AD NETWORK until now, He found the solution I think but is embarrassed to say sorry.

Brian mike 03-14-2018 10:11 AM
Quote:
Originally Posted by adultwpthemes (Post 22237425)
After answering him like a dumb fuck idiot on skype
i could not figure out what the problem was
Fixed it for ya :winkwink:

This is why i have open the thread here for the HARDCORE guy could help your sorry ass.

I have even protect the theme name POST #3 :321GFY why that ? I was trying to help You Idiot.

Now you reply on the board like you are in control of your shit but on skype YOU PLAY DUM SHIT with client. Wake the fuck up next client complain.

:1orglaugh

nico-t 03-14-2018 11:32 AM
Quote:
Originally Posted by Brian mike (Post 22237244)
1- STOP selling your script if they have bugs
2- FIX your shit
3- if #2 dosen't work Go back to school to learn coding again.
4- GO FUCK YOUR SELF
:1orglaugh:1orglaugh



this thread took an amusing turn :1orglaugh

VRPdommy 03-15-2018 07:47 AM
Quote:
Originally Posted by Brian mike (Post 22237371)
Thanks for the tips appreciated, :thumbsup



unique name server, unique ip, unique ftp, unique password for each website . what do i miss ? :1orglaugh

Oh yeah i know now STOP buying and trying new Theme :pimp :thumbsup Easy fix lol
What I was referring to in non standard is...
whatever cms software you are using has a known directory structure. Change it.
Requires some effort on your part but if you do this and lock down your .htaccess is a big step in stopping automated scripting hacks.

I would also log ip's so that when you identify a breech, you can block the ip or range of ip's. .htaccess can be your friend. Block unknown bots or any excessive hits that don't make sense.... they are looking at your directory structure... that also means you need to be pro-active and pay attention to your traffic and i mean all of it.
Point is, if you are only going to do what your cms software wants/needs, you will loose this battle every time and repetitively. Lot's of wasted time just fixing it.

Think 'non-standard' and alter your installs. Take your time and think methodically.
Admittedly, this also means that for most that you have to learn more about how it all works. Time well spent.


All times are GMT -7. The time now is 12:55 PM.
Page 2 of 2 < 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123