Paxman: I’ve been trying to debug it, see if I could fix it, but just can’t find the “hook” to start unraveling what’s going wrong
Hodnicki: Someone hacked my site and created new pages advertising ****. is it safe to try to login ?
Bednar: Rundi: do you have and are you comfortable with phpmyadmin?
Madho: Yeah you can probably login
Mcmakin: Just consider your p***word stolen as well
Mclernon: Delete all users, create a new one with a new p***word, and then try to find the point of entry
Lahay: Jtrag I am not sure, have yet to login, i have been given control of the site now
Opdahl: Once you’ve patched it up get a new p***word again in case the site sent the attackers the p***words you made while being infected
Walke: Im wondering also if i should delete the new ****o pages first or to use google’s disavow tool first then delete?
Debuse: If disavow is easy and doesnt take a lot of time that would be my choice
Eubank: Rundi: If you are familiar with the shell, like SSH you also want to search all files for patterns like ‘eval’ or ‘base64_decode’ to check for any backdoor/shell scripts the hacker might have uploaded. Also, if you have access to your webserver logs, check all logged POST requests and see if strange .php files were called wp-login.php, wp-cron.php are okay
Dumouchel: Rundi: http://codex.----escape_autolink_uri:a03ded6cd97ffffa8f7b4e1454f3eecc----.org/FAQ_My_site_was_hacked , and stop trying to patch up your hacked site. Reinstall or restore your backups. And read http://codex.----escape_autolink_uri:a03ded6cd97ffffa8f7b4e1454f3eecc----.org/Hardening_WordPress
Deley: I ran an online scuri scan first and it returned nothing
Pyne: So should i run it again this time by installing it on the site?
Bedlion: Rundi: see what Ostiguy said.
Geil: Opsec i lost 800$ :/
Bedlion: Told you to stay away from the horse track.
Geil: No was sending a bitcoin payment, and i gave the wrong address, so someone else has the btc now
Ferrick: Well sucuri online scanner said it has no malware or Elenbaas etc.
Bedlion: Fris: ugh. that’s a bad one :
Bedlion: Fris: i don’t think gemini is up yet, but it’s supposed to prevent things like that
Bedlion: Or at least have a sane pathway for a “do over”
Bedlion: 800 is almost 4 btc though .
Geil: Gonna go for a run now, try to work off this anger :p
Bedlion: If you need any books on tape, let me know :
Bedlion: Lindsay recommended me: John_E_Sarno_M.D-Healing_Back_Pain
Badgero: Anyone use jetpack plugin at all?
Fisk: We are experiencing a problem with our wordpress wp-admin :
Ander: When clicking on it, the following error page/message appears “fatal error: Call to a member function get_default_theme_xili_options on a non-object in /home4/ab45518/public_html/wp-content/plugins/xili-language/xili-includes/theme-multilingual-cl***es.php on line 1014”
Perretti: We tried to look into the support forum, but no solutions – any thoughts?
Bedlion: Rename/disable this plugin: /wp-content/plugins/xili-language/
Bedlion: Rename the xili-language/ to xili-language-1/
Bedlion: That will disable the plugin so you can debug it or contact the developer of it
Cailler: Thank opsec – how do I rename/where? sorry quite newbee in there
Bedlion: Cecilelaura: you might want to get your web person involved
Redeker: Ok opsec – however, I have no web person with us – any quick fix I can do by myself like disabling the plugin or something like that?
Bedlion: Heh, i just told you the quick fix
Bedlion: By “quick” i mean, a few seconds to rename the directory and reload/refresh the site
Anasagasti: I don’t understand the question
Sodervick: Http://www.w3schools.com/jsref/tryit.asp?filename=tryjsref_win_settimeout opsec widoz will it run on wordpress ?
Kalar: I dont think so. if you are an admin. i would like to talk to pm about my site and seek guidance.