- This topic has 13 replies, 4 voices, and was last updated 10 years, 10 months ago by
.
-
Posts
-
My Simple Edits plugin is sending out spam, which means i am about to remove it, is there a reference somewhere on changing functions.php so we don't need to use Simple Edits, I hate getting these emails from my hosting company, plus it tends to blacklist the domain on email servers too. Very not fun.
What is the url of your site so we can take a look? What content do you have in the Genesis Simple Edits.
Need help with customization or troubleshooting? Reach out to me.
I already deleted the plugin but now I am trying to use this to remove footer info by adding this to the bottom of functions.php and itthe footer stuff is still there
/** Remove Genesis Footer Link */
remove_action(‘genesis_footer’, ‘genesis_do_footer’);
What did your host say about this? The footer and plugin cannot send out spam. What did they say your issue was and how was it determined that it was the plugin? I, as well as a lot of others, use this and have never had a problem with it.
Need help with customization or troubleshooting? Reach out to me.
What Anita said.
The plugin does not have the capability to send emails, so it's impossible for it to be the source of the spam. If your ISP told you this, you need to run as fast as you can to another hosting provider, because they know not a thing about WordPress or troubleshooting, and this is a scary thing. To me, anyway.
Okay, now I am scared... you're with Hostgator (so am I). If someone with their tech support told you this, maybe that tech you talked to was just drunk...
WordPress / Genesis Site Design & Troubleshooting: A Touch of Summer | @SummerWebDesign
Slice of SciFi | Writers, After DarkIf anything, it might be the Custom Contact Forms Plugin. Now that can probably function like that.
Need help with customization or troubleshooting? Reach out to me.
it is not hostgator, this is what they said
sample of emails being sent
2014-08-31 07:06:19 cwd=/home/XXXXXX(my account name)/public_html/babtennis.com/wp-content/plugins/genesis-simple-edits 3 args: /usr/sbin/sendmail -t -iPossible Scripts:
'/home/XXXXXX(my account name)/public_html/babtennis.com/wp-content/plugins/genesis-simple-edits/ek.php'
Go to your file manager on the host. Open up the plugin file folder and make sure you deleted the entire file folder and contents. The plugin doesn't include a genesis-simple-edits/ek.php file. If that's in there on your hosting account - then your account has been compromised. A file cannot be to a file folder in that manner unless your hosting account has been compromised. There's no need to remove the entire footer for that message.
Need help with customization or troubleshooting? Reach out to me.
Somehow the plugin was hacked, unless they hacked in another way then just infected the Simple Edits plugin, I have already scanned the site and nothing else was found. I would like to remove the footer info, any idea why this won't work or what else I can do to remove footer info
/** Remove Genesis Footer Link */
remove_action(‘genesis_footer’, ‘genesis_do_footer’);
You don't have all of the code in there. It should be:
// Remove Footer remove_action('genesis_footer', 'genesis_do_footer'); remove_action('genesis_footer', 'genesis_footer_markup_open', 5); remove_action('genesis_footer', 'genesis_footer_markup_close', 15);
Need help with customization or troubleshooting? Reach out to me.
The source of that information is from here - http://www.billerickson.net/code/remove-genesis-footer/.
Need help with customization or troubleshooting? Reach out to me.
Removing the footer will not fix the problem. Somehow the permissions on your plugins folder were incorrect, and someone just dropped that ek.php script into the first open writeable directory they found.
What you need to do is delete that ek.php file, change the file permissions on the plugin folder and everything in wp-content to be correct/secure, and make sure there aren't any other copies of that script in other folders on your website.
You should be able to use File Manager from the cPanel and see what the ownership/permissions on that file are (and on the folder).
They either made their way into your hosting account, or slid in sideways from someone else's on the same server. You need to change your passwords asap, and that includes the database passwords for the WP sites.
So, to be clear... Simple Edits was not hacked. They did not change any existing Simple Edits code. Someone hacked your website or your hosting account or both, and planted a trojan in an insecure folder, which happened to be the plugin folder for Simple Edits.
WordPress / Genesis Site Design & Troubleshooting: A Touch of Summer | @SummerWebDesign
Slice of SciFi | Writers, After DarkThank you all so much, those missing lines did the trick, perhaps Simple Edits was not the cause of the hack but just staying away from it in this site, I did update server password and wp database pw, thank again all of you and Happy Labor Day!!
I recommend you install iThemes Security (Better WP Security) and set the disable php in uploads. This will stop 90% of these php / script drop in attacks in the future.
- The forum ‘General Discussion’ is closed to new topics and replies.