Community Forums › Forums › Archived Forums › General Discussion › Deactivated Plugins?
Tagged: parallax, possibly hacked
- This topic has 13 replies, 5 voices, and was last updated 10 years, 5 months ago by
AnitaC.
-
AuthorPosts
-
August 5, 2014 at 3:42 am #117131
mountaingoat
MemberHello all
I just logged into my admin and all of my plugins have deactivated themselves? I'm running parallax?
Anyone come across this
Cheers
August 5, 2014 at 3:58 am #117132mountaingoat
MemberJust having a look at 'front-page.php' is it supposed to have a mass of random text above the title.
Like 100 lines of random text above this line * This file adds the Home Page to the Parallax Pro Theme.
Thanks
August 5, 2014 at 5:26 am #117138Ben @ Inbound Creative
MemberAugust 5, 2014 at 1:43 pm #117196mountaingoat
MemberFecherskiing.com
Cheers
August 5, 2014 at 3:08 pm #117206Ben @ Inbound Creative
MemberMost of the widgets appear to be there.
Can you post some of the code?
Thanks.
August 5, 2014 at 6:58 pm #117222mountaingoat
MemberHi there
Thanks for looking, in admin none of my plugins are showing?
eNews, Simple Icons, Carousel, WordPress SEO etc
Also wondering about the massive block of text at the top of 'front-page.php'
August 5, 2014 at 8:11 pm #117230mountaingoat
MemberAfter having a good look around it looks like the site has been hacked, there are a few people who have had the same issue.
Needless to say I'm a bit disappointed with Studiopress and the lack of support with this.
August 5, 2014 at 9:30 pm #117249Tom
ParticipantI have to ask about why you feel StudioPress is responsible for your hacked site.
Choose your next site design from over 350 Genesis themes.
[ Follow me: Twitter ] [ Follow Themes: Twitter ] [ My Favourite Webhost ]August 5, 2014 at 9:52 pm #117256mountaingoat
MemberHi
Simple Tom. As part of the marketing spin, this platform is sold on the basis of having 'Air tight security' now whether studio
press has anything to do with my recent issue or not I'm now not as 100% sold as I was.Support was also less that helpful or empathetic.
All this perceived goodness needs to be backed up by sweet service! Just saying.
August 5, 2014 at 10:38 pm #117267Tom
ParticipantI'm truly sympathetic to your situation - it's painful and aggravating and worse. If you're still in the process of resurrection, you could engage Sucuri (or a similar service) or follow Andrea's advice here.
Did you open a ticket with StudioPress? It's possible that they could have helped diagnose the situation, but you found it out pretty quickly on your own. On the other hand, these forums are supported by StudioPress but it *is* community support, largely powered by fans and devs that love Genesis.
I think that Genesis and the StudioPress themes are considered more secure than many WordPress themes due to their development and audit process. Unfortunately, WordPress is a massive target, as are the plugins and hosts that serve it all up. My guess is that it was something other than Genesis/Parallax that was the entry point. The cleanup process may reveal the source or possibly not.
Going back to the post I referenced, point #4 is especially important so that you don't leave (other) potential vulnerabilities unaddressed:
(4) Contact your host’s technical support and ask them to investigate what might have happened in case there is a security issue on their end.
Good luck!
Choose your next site design from over 350 Genesis themes.
[ Follow me: Twitter ] [ Follow Themes: Twitter ] [ My Favourite Webhost ]August 5, 2014 at 11:00 pm #117275Brad Dalton
ParticipantIs your username and password more than 10 digits using lower and uppercase letters, numbers and symbols?
If not, please change it using an online passsword generator.
You can find the hacked files by scanning your WordPress installation using a plugin like Wordfence.
August 10, 2014 at 7:27 pm #118123AnitaC
KeymasterJust wanted to chime in here because websites can be hacked by plugins also that have security breaches and open gateways. Themes cannot control that. It can also be compromised directly through your database and through your hosting account. I wouldn't just say you aren't sold on Studiopress because no theme or framework can be hack-free. An additional note, if you install WordPress from your hosting account dashboard and you do not *manually* install it - then it could already be compromised because the hosting company has already manipulated the program before it was installed.
Need help with customization or troubleshooting? Reach out to me.
August 25, 2014 at 3:38 am #120872mountaingoat
MemberThanks for all your comments
I was able to reinstate a backed up version, so all good in the end.
It was probably a hack through a plugin
The hack placed a massive block of text in the head of every page which of course messed things up a fair bit. Plenty of info on the net about this hack too.
August 25, 2014 at 6:04 am #120881 -
AuthorPosts
- The forum ‘General Discussion’ is closed to new topics and replies.