BuddyPress.org | mareksgregs | Activity

mareksgregs replied to the topic Untraceable spam user in the forum How-to & Troubleshooting

Wed, 26 Jun 2013 17:24:33 +0000

I’ve already removed the plugin. Since I didn’t even use it.
Do I really need to change database password too? How could they even access my database?

mareksgregs replied to the topic Untraceable spam user in the forum How-to & Troubleshooting

Wed, 26 Jun 2013 17:08:46 +0000

The scan found only one problem, which is:

This file may contain malicious executable code
Filename: wp-content/plugins/user-meta/framework/init.php
File type: Not a core, theme or plugin file.
Issue first detected: 45 secs ago.
Severity: Critical
Status New
This file is a PHP executable file and contains an eval() function and base64() decoding…

[Read more]

mareksgregs replied to the topic Untraceable spam user in the forum How-to & Troubleshooting

Wed, 26 Jun 2013 07:47:51 +0000

I deleted the user from the database yesterday(in which it didn’t have an email either) yesterday. And it hasn’t come back yet. I think it may be finally gone. 🙂

mareksgregs replied to the topic Untraceable spam user in the forum How-to & Troubleshooting

Tue, 25 Jun 2013 07:25:58 +0000

@jconti What am I supposed to look for in those files?
And I found the user in the users database. Should I delete it?

mareksgregs replied to the topic Untraceable spam user in the forum How-to & Troubleshooting

Mon, 24 Jun 2013 17:42:43 +0000

I think I found out why it says Error – 101 too. When I click “Recheck”, it says “The selected user couldn’t be found on users table”.
So does that mean that it’s beyond user database? o_o

Edit: There’s still no email.

mareksgregs replied to the topic Untraceable spam user in the forum How-to & Troubleshooting

Mon, 24 Jun 2013 17:38:30 +0000

I just deleted the user again, and it re-appeared 5 seconds later, but this time Wangguard logged an IP! This means progress!

Any suggestions for how to ban the IP now?

mareksgregs replied to the topic Untraceable spam user in the forum How-to & Troubleshooting

Mon, 24 Jun 2013 17:11:52 +0000

@ubernaut I tried that Wangguard plugin (thanks for introducing it to me by the way, it’s awesome) and when I scanned the user, it’s status came back as “Error – 101”

I don’t see how my site could be hacked though. Perhaps the problem is in one of my plugins. Unlikely though. All of my active plugins are legit and shouldn’t have spam bots in…[Read more]

mareksgregs replied to the topic Untraceable spam user in the forum How-to & Troubleshooting

Mon, 24 Jun 2013 16:33:02 +0000

@ubernaut Oh I forgot to mention, there isn’t an email associated with the account either.
I think that something in the files may be creating it over and over again. Would that be possible?

mareksgregs started the topic Untraceable spam user in the forum How-to & Troubleshooting

Mon, 24 Jun 2013 11:56:21 +0000

I have a user by the username of “user.firstnameuser.lastname” and it keeps spamming the Groups section of my site.
I’ve deleted it for about 30 times by now. But it just keeps coming back. And what’s really odd is that it has no Registration IP or any IP associated with it. The sign up is not showing up in the Activity log either.

Is there a way…[Read more]