Community Q&A:
Posts appearing on my WordPress site.
Asked by:
mherald / 15 Points Time:
2011-11-22 5:19 am EST Category:
Website Troubleshooting Hits:
1,050
mherald / 15 Points Time:
2011-11-22 5:19 am EST Category:
Website Troubleshooting Hits:
1,050
I've already received one response to previous questions about my ongoing issue trying to repair my blog. It started with someone creating a 'backdoor' and actually publishing a couple of articles from my blog. It goes like this - I get a notice I have a new subscriber - next thing I know the same name and email pops up in my User folder.
Securi Security has done their thing and tells me the site is Malware "free."
I was advised (in the response from this community) to run TAC, Exploit Scanner and Timthumb Vulnerability Scanner. TAC is not uptodate with the current version of WP so I did not run that. My theme does not use Timthumb (I checked) so I did not run that. I did run Exploit Scanner and it came back with a list of problems with plugins - all current - but I've deleted them anyway. I'm left with one "severe threat" - pasted below. I read your article on WP security but I still have no idea where to look for this and when I find it if I'm supposed to just delete the file or what.
php.ini:982
Often used to execute malicious code
; error_reporting(0) around the eval()
Also, all of my images have now disappeared from my blog - in fact the only thing showing up is some text. For what it's worth if it helps here's my url - http://www.inspiredgiftgiving.com
Thanks in advance for any advice, direction.
Securi Security has done their thing and tells me the site is Malware "free."
I was advised (in the response from this community) to run TAC, Exploit Scanner and Timthumb Vulnerability Scanner. TAC is not uptodate with the current version of WP so I did not run that. My theme does not use Timthumb (I checked) so I did not run that. I did run Exploit Scanner and it came back with a list of problems with plugins - all current - but I've deleted them anyway. I'm left with one "severe threat" - pasted below. I read your article on WP security but I still have no idea where to look for this and when I find it if I'm supposed to just delete the file or what.
php.ini:982
Often used to execute malicious code
; error_reporting(0) around the eval()
Also, all of my images have now disappeared from my blog - in fact the only thing showing up is some text. For what it's worth if it helps here's my url - http://www.inspiredgiftgiving.com
Thanks in advance for any advice, direction.
Best answer chosen by Web Hosting Hub staff
|
0
|
Hello mherald, I'm sorry you've had trouble with your site being hacked. I'm also sorry you had trouble running TAC as I've used it on current versions of WordPress. I checked into the threat reported by the Exploit Scanner and it appears to be a false positive (per the plugin developer). Please accept my apology, that plugin does seem to give false positives. I would recommend taking a look at the Access Logs in your cPanel and search for any IP accessing your wp-admin area that does not match your IP. You can also give us a link to a specific article on your blog that wasn't published by you (if it's still published) and we can take a look at the logs for you as well. If you have removed the published articles, can you tell us the time and date the most recent article was published? We look forward to hearing from you so we can help you resolve this as quickly as possible. Regards, Christi N. |
Want to share this Question?
Tweet
Help Center Login
Related Articles
It looks like there are no related articles.
Would you like to ask a question about this page? If so, click the button below!
