Skip to:
Content
Pages
Categories
Search
Top
Bottom

Forum Replies Created

Viewing 16 replies - 1 through 16 (of 16 total)
  • Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    I’ve already removed the plugin. Since I didn’t even use it.
    Do I really need to change database password too? How could they even access my database?

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    The scan found only one problem, which is:

    This file may contain malicious executable code
    Filename: wp-content/plugins/user-meta/framework/init.php
    File type: Not a core, theme or plugin file.
    Issue first detected: 45 secs ago.
    Severity: Critical
    Status New
    This file is a PHP executable file and contains an eval() function and base64() decoding function on the same line. This is a common technique used by hackers to hide and execute code. If you know about this file you can choose to ignore it to exclude it from future scans.

    I wasn’t using that plugin though. It was deactivated.

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    Nevermind, fixed it! :)

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    The plugin works! (For me at least)

    Except there’s one little problem. My activity page’s link is /stream
    But the hashtags call for the default – /activity

    Does anyone know how do I change that?

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    I deleted the user from the database yesterday(in which it didn’t have an email either) yesterday. And it hasn’t come back yet. I think it may be finally gone. :)

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    @jconti What am I supposed to look for in those files?
    And I found the user in the users database. Should I delete it?

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    I think I found out why it says Error – 101 too. When I click “Recheck”, it says “The selected user couldn’t be found on users table”.
    So does that mean that it’s beyond user database? o_o

    Edit: There’s still no email.

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    I just deleted the user again, and it re-appeared 5 seconds later, but this time Wangguard logged an IP! This means progress!

    Any suggestions for how to ban the IP now?

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    @ubernaut I tried that Wangguard plugin (thanks for introducing it to me by the way, it’s awesome) and when I scanned the user, it’s status came back as “Error – 101″

    I don’t see how my site could be hacked though. Perhaps the problem is in one of my plugins. Unlikely though. All of my active plugins are legit and shouldn’t have spam bots in their files…

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    @ubernaut Oh I forgot to mention, there isn’t an email associated with the account either.
    I think that something in the files may be creating it over and over again. Would that be possible?

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    Oh thanks!
    But it seems that the problem was not much of a problem after all.
    I simply had to rename my child theme’s folder. Because apparently, you can’t have space between words. “My Theme” for example wouldn’t work. haha.

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    @hnla
    I expected my child theme’s css to replace the parent. But it didn’t. None of the ids I have in style.css replaced the parent.
    And yes, I’ve come to realize that the import tag isn’t doing much either. I removed it yesterday.

    I don’t kow what are these ruleset selectors. How do I place them? Where do I place them?

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    All right so,

    1. I created a new theme folder in wp-content/themes
    2. Then I created style.css with the following in it,

    /*
    Theme Name:     The Buzz
    Theme URI:      http://site.com
    Description:    Child theme for Buddypress Default
    Author:         Name here
    Author URI:     http://site.com
    Template:       bp-default                             
    Version:        0.1.0
    */
    
    @import url("../bp-default/style.css");
    
    #contentwide
    {
    margin: 5px 35px 0;
    font-size: 1.2em;
    width: 880px;
    float: left;
    display: inline;
    height: 400px;
    }
    
    body {
    background-color: #eaeaea;
    background-image: url(../images/background.gif );
    background-repeat: repeat-x;
    background-position: top left;
    color: #555;
    font-size: 12px;
    font-family: Arial, Tahoma, Verdana, sans-serif;
    line-height: 170%;
    max-width: 1250px;
    margin: 0 auto;
    width: 95%;
    }
    
    #site-generator {
    font-weight: bold;
    color: rgb(54, 54, 54);
    margin: 20px 20px;
    text-align: right;
    text-shadow: #fafafa 1px 1px 0;
    }
    
    #footer-widget-area div.widget-area > ul {
    height: 110px;
    float: left;
    margin-right: 2.5%;
    width: 23%;
    }

    3. Added that file to the folder I just made.
    4. Activated the Child theme in Dashboard -> Appearance -> Themes

    And that’s about it. Nothing happened.

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    @bphelp I did that. But it didn’t work as I had thought. It only restricted access to Forums and Activity Streams.
    Pages like Members ad Groups were still visible to visitors.

    Anyway, the function I found in the previously mentioned topic works. So my goal is achieved. Yee. :)

    Thank you both leading me in the right direction!

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    Just found this topic. And te last function on it seems to be doing the job except for Activity Streams page… it’s still visible.

    Avatar of mareksgregs
    mareksgregs
    Participant

    @mareksgregs

    Neither one seems to be working completely. Only restricts access to forums page.

Viewing 16 replies - 1 through 16 (of 16 total)