StudioPress

Forum navigation

Are You Using The WordPress Block Editor?

Genesis now offers plugins that help you build better sites faster with the WordPress block editor (Gutenberg). Try the feature-rich free versions of each plugin for yourself!

Genesis Blocks Genesis Custom Blocks

ElevenPro40 – Sidebar

Welcome!

These forums are for general discussion on WordPress and Genesis. Official support for StudioPress themes is offered exclusively at My StudioPress. Responses in this forum are not guaranteed. Please note that this forum will require a new username, separate from the one used for My.StudioPress.

Community Forums Forums Archived Forums General Discussion ElevenPro40 – Sidebar

This topic is: not resolved
Viewing 8 posts - 21 through 28 (of 28 total)
1 2
  • Author
    Posts
  • July 19, 2015 at 10:44 pm #159851
    Erik D. Slater
    Member

    Right then ... so ... the problem is now fixed ... for both tokitover.com and bestbackpacksguide.com ... and it was a bit of a doozy 🙂

    Basically, there were no issues with the theme or the plugins.

    Instead, I found some crucial files containing code that should not have been there. I don't know if it was the result of a dodgy plugin or some hacking attempt, but removal of the code resolved the issue.

    The giveaway was the filesize of the wp-config.php file ... which looked way too big at around 32KB, when normally it's only about 4KB. I downloaded it to my local machine ... and when I opened it in my editor, everything looked OK ... except for the horizontal scrollbar ... which indicated a necessity to scroll to the right for further viewing of whatever was lurking in the shadows. So scroll I did ... and found some dodgy-looking PHP porn 🙂 I couldn't even submit it here ... I guess it was that distasteful 🙂

    I made a copy of these files on your server. Details of those files can be found in the email I sent you. There may be other files out there, so I would suggest you contact your web host to alert them, and to find out if additional action may be required.

    July 20, 2015 at 12:54 am #159856
    Toki Tover
    Member

    Wow! A BIG thank you for not only taking the time to find that but to remove and fix it for me! I am guessing it was a hack. How can I protect my sites?

    I will say that when I clicked on the toki site a pop up would open in another tab for something like an ad or a warning site. And even now when I went to click on a link in my dashboard for the toki site an ad site opened in another tab. crazy. Is there a place I could go to have my site looked at for a further look to see if there still is files from a hack?

    Again thank you for EVERYTHING!

    Toki

    July 20, 2015 at 1:15 am #159857
    Erik D. Slater
    Member

    when I clicked on the toki site a pop up would open in another tab for something like an ad or a warning site. And even now when I went to click on a link in my dashboard for the toki site an ad site opened in another tab

    - Do those popups still happen when you turn off all your plugins?
    - Are you on a PC/Mac? What OS are you running?
    - What protection do you have on your machine?
    - What browser(s) are you using?

    The problem may not have anything to do with your site. Indeed, those popups may not have anything to do with this particular problem.

    How can I protect my sites?

    I would definitely start by creating a support ticket with your web hosting provider. They should be able to determine what accessed those files (listed in the email I sent earlier) that saved the hacky code.

    A BIG thank you for not only taking the time to find that but to remove and fix it for me

    Not a problem 🙂

    July 20, 2015 at 1:24 am #159858
    Toki Tover
    Member

    Well it initially happened when I first clicked the home link from the dashboard and hasn't happened since.

    – Do those popups still happen when you turn off all your plugins? No it hasn't happened since, either site.
    – Are you on a PC/Mac? What OS are you running? I am on a mac os yosemite 10.10.4
    – What protection do you have on your machine? I dont have any protection for my mac
    – What browser(s) are you using? I am using chrome

    July 20, 2015 at 1:37 am #159861
    Erik D. Slater
    Member

    Sent you an email 🙂

    I'm a Windows sort ... but MOODY is an Apple snob 🙂 He might be able to shed some light for you there.

    July 20, 2015 at 11:52 am #159903
    MoodyRiviera
    Member

    All thanks and high praise to Erik (Sherlock) Holmes for digging into this and rooting out the offending code. As his biographer and chronicler of his exploits, I may write up this case as a story in the "Continuing Adventures of Erik (Sherlock) Holmes" – due out in 2025.
    Truly,
    Dr. John Watson, Esq.

    P.S. Mr. Holmes wondered if I (as a Macintosh snob) might shed any light on the problem from the Macintosh viewpoint, and I would that, even though Yosemite is a major PIA, I doubt that it has anything to do with the problem you're having. Same as you, I don't run any "protection" on any of my Macintoshes, and never have had a virus or any other malware, dating back to 1988.

    *MoodyRiviera*

    July 21, 2015 at 6:24 am #159952
    Toki Tover
    Member

    Yes a BIG thank you to Erik for all the help to find the issue AND resolve it for me. (learned something new too!)

    Can't wait for the case study to come out 😉 Also I don't think the OS was the issue either.

    Thank you Moody and Erik!

    February 26, 2018 at 10:39 am #217029
    webcamtube
    Member

    Hello! something similar happened to me in my we but they did not link with porn pages. You have been able to solve the problem, I appreciate your help

  • Author
    Posts
Viewing 8 posts - 21 through 28 (of 28 total)
1 2
  • The forum ‘General Discussion’ is closed to new topics and replies.