Site Integrity Scan 96 Critical Errors overnight

  • Site: https://theeaglesaerie.homeoftheeagle.com/

    5/24/20 14:00 Hrs (PDT) Cerber site integrity scan reported 96 critical errors. Previously there had only been one error, which I had previously queried Cerber Techs concerning it.

    Areas of the report indicating “verified” are:
    WordPress files
    Yoast SEO plugin
    WordPress Forms Lite plugin
    WP Cerber Security, Antispam & Malware Scan plugin
    SSL Insecure Content Fixer plugin
    Akismet Anti-Spam plugin

    /.htaccess indicated “suspicious directives found” previouslyh I had queried Cerber Techs but have yet to get a response

    Several other areas showed errors of “integrity not found” for:
    Yoast SEO: Search index purge plugin
    -additonally 46 “suspicious or malicious code found”
    Wordfence security plugin
    -additionally 42 “suspicious or malicious code found”
    UpdraftPlus – Backup/Restore plugin
    Math Captcha plugin
    -additionally 1 “suspicious code found”
    Classic Editor plugin
    Twenty Ten Theme

    Previously that day:
    At 00:41 Hrs (PDT) I ran an update for the SEO plugin
    After triggering the update I was required to log in.
    When I did, I found the update, apparently, completed
    When I clicked on the dashboard I was required to log in again, which I did.
    At the plugin update page the SEO pluging was highlighted in red and still required an update
    when I tried to trigger the update I AGAIN was required to log in – even though I was shown to BE logged in.
    Other than the login demands, the site appeared to be operating normally
    I logged out and relogged in and immediately change the administration pass word.
    Nothing further, out of the ordinary was noticed.

    When I returned to the site, at 15:30 Hrs I had no problems logging in and the site appeared to be operating normally.
    Checking for new hacks and the site status I found the security report.

    Examining the Cerber traffic inspector I discovered that, at the exact minute I was updating the SEO plugin one of the daily hacker sites had attempted to hack into my site: 50-116-84-13.unifiedlayer.com

    However, this site has been blacklisted for a long time so I don’t know how it could have been able to get into my site. It is one of the several sites that try to hack my site every day (I have over 10,000 traffic entries in the last month).

    As of this message, my site seems to be operating normally. I am suspicious that updating the SEO plugin, somehow, initially failed but “completed” on the second try, causing these entries. Is is possible that could be the cause of the 90-some errors between 00:41 Hrs and 14:00 Hrs today?

    None of the issues can be resolved as it requires that “You have to upload a ZIP archive from which you’ve installed it.” I installed using WordPress dashboard “add new” for any themes/plugins. I’ve got no idea where such “zip archive” might be.

    Any help would be appreciated
    Thanks
    JE

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author gioni

    (@gioni)

    Hi! Having a great background story is good, but could you please ask a single clear question per a single post? Do you install plugins by clicking the “Install Now” button on the “Add Plugins” admin page?

    Thread Starter ragingeagle

    (@ragingeagle)

    Gioni

    Apologies, too many years writing crime reports, LoL.

    The basic question was that on 5/14/2020, overnight, I received a scan report showing 96 critical errors. Most of the “errors” were linked to updraft plus.

    I have no idea what caused them but suspected a glitched update attempt, the day before, of update plus plugin.

    I only have 9 plugins, total, basically the minimum to safely exist and operate.

    I always use the new plugin page to install/activate/delete plugins.

    Scans occur automatically (no idea of periodicity).

    Wordfence just completed the first scan, since the one in question, about 90 minutes ago, and it is now reporting “No new issues have been found”, There is one previously ignored issue.

    I have no idea what caused the 96 errors or why they disappeared between scans.

    I did have the “Health Check and Troubleshooting” plugin installed but, every time I clicked on it in Dashboard, it demanded I log in so I deleted it.

    In Telecommunications we used to call this kind of error FM, F…. Magic. I have no better explanation, LoL.

    The problem appears to have fixed itself. Apologies for taking up your time and thank you for your help.

    Terry

    Plugin Author gioni

    (@gioni)

    Good news! Probably it was caused by manipulation with a backup. BTW, do you use the professional version of WP Cerber?

    Thread Starter ragingeagle

    (@ragingeagle)

    Gioni

    Yes, I do. My site was down, due to hacking, while I was hospitalized and recovering. When I recovered it from a backup it was hacked withing 48 hours. I had wordfence running but it didn’t make any difference. I recovered the site a second time and it was hacked by the next morning.

    I installed free WP Cerber and found over 50 FAILED attempts to hack the next day. I immediately purchased WP Cerber professional. I have had to delete over 10,000 traffic entries from Traffic Inspector in the first month of using Cerber. In the 7 days since then I have over 300 failed hack attempts. I have just over 100 blacklisted URLs that professional WP Cedrber has protected me from.

    I am exporting traffic archival entries to excel files about once a month to keep the data storage more reasonable.

    Kudos on the BEST site protection I have ever had.
    ———————————————————————————
    NOTE: I do not allow anyone to register on my site. It is informational and, basically, opinion. Would allowing registration, upon review, increase the chance of being hacked?

    The only problem I am still having is with repeated requests to log in. I had thought it was due to my VPN but it happens even without using the VPN and, almost immediately after clicking on “Site Health Screen” on the WordPress Dashboard.

    I do not remember having this problem prior to installing WP Cerber but I don’t know where the site health is coming from as I deleted the plugin “Site Health and Troubleshooting” and can’t really find direct “causality” only anecdotal “correlation.

    Thank you again,
    Terry

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Site Integrity Scan 96 Critical Errors overnight’ is closed to new replies.