[Plugin: Hide Login]

This is not a virus ?? it’s an open source plugin, you can check up its codes. abso-bloody-lutely it’s from something else, maybe ftp injection! please don’t interrupt hide login forum with this kind of topics. ??

Yah. Unless you can demonstrate the where and how of it, try not to make accusations like that.

If you actually can demonstrate via how, don’t post that here. ?? Instead search this forum for how to contact the plugin guy(s) and let them know.

Okay, if you want to get technical it may not be a virus but once you turn it on it redirects you to a site that is infected and that will infect you. All I did was activate the plugin and turn it on. I was then infected by this redirect. Call it what you want but stay away from this unless you want trouble. If you think its clean then I invite you to try it out. I’m just trying to warn others before they make the mistake I did. Luckily my web hosting company was able to restore my site from a backup. They also agreed that it had malicious code.

Before you guys edit my posts and claim that I’m over reacting you should try it. I invite you.

plugin uses .htaccess for redirection, the rules are set for your blog domain only ( can be seen by viewing /public_html/.htaccess file )
i already tried it out, clean and safe.
and other guys please ??

Before you guys edit my posts and claim that I’m over reacting you should try it. I invite you.

Fair enough. That’s why I have my Crash Test Dummy™ installation after all.

* Jan disables all other plugins, makes sure he’s using Twenty Eleven, download and installs plugin. Configures said plugin. *

Okay, here’s the thing and please note that I’m not making fun of you or disparaging you in anyway.

I think you’re overreacting.

I just tried it and found that a) it edits my .htaccess file in not the right place and b) puts a nonce in my .htaccess as part of a redirect URL (that’s not good) c) it totally doesn’t get that my install is in a subdirectory.

Some editing of the .htaccess file and I got past that and I really don’t think that’s a useful plugin for me.

But I can reasonably say that aside from it being poorly documented and lacking some checks, I don’t see how it could have done what you’ve said.

I even modified a file by hand and compared the WordPress files via

find . -type f | egrep -v "\.svn" | xargs -I{} svn diff {} > results.txt

That’s not a 100% thorough check but it’s pretty darn close.

Except for the one file I modified, it didn’t pickup a single file that was changed and reported (as expected) things like

svn: 'wp-content/themes/twentyeleven-child/style.css' is not a working copy

I just don’t see any evidence that that plugin can do what you say it did.

I’m not saying that it can’t be fixed but I’m warning those that just use it as is. It WILL redirect you to an infected site by default.

And I tested it with 2 other “test” Windows XP machines and it infected them in the same way.

please state clearly which url u’re redirected to and copy/paste the part which belongs to hide login plugin from .htaccess file.
thanks

I just uploaded it. No virus. It works but is a little tricky. I did have to delete it via cpanel during testing.

My experience with hide mode enabled:
– Delete whatever Is previously in .htaccess (set with whilst checking .htaccess bc it edits this automatically and different hide modes may paste twice) :
– If network activated, it auto configures the sub blogs logins. ie yoursite/crypticlogin and sub.yoursite/crypticlogin
-If network activated with login redirect set to blog , login on the form had to be clicked twice.
-If network activated with login redirect set to admin, it doesn’t go to admin on login but home, and I got this url for any click. (I have buddypress) bp_pc_redir_to=%2F%3Fhide_in_key%3Da03a0a8di%26redirect_to%3Dhttp%3A%2F%2Fthesite.com%2Fwp-login.php%3Fredirect_to%3Dhttp%3A%2F%2Fthesite.com , the homepage’s widgets also all set back to default widgets (weird part).
-If individually activated with login redirect set to admin, it works fine.
-wpaddress and custom url do not save.

Wp- login is still present on form page and logout, can this be changed?
wp-login.php hide_in_key=A03A0A8dI&redirect_to=https://
&
/wp-login.php?privacy=1&redirect_to=%2F%3Floggedout%3Dtrue

The infected site @ro Nan mentioned is https://massagepool.ru/mysave/index.php. This happens when it is “disabled” but hide login is “enabled”. However I am now still getting this even after deleting the plugin when any rewrite rule for login is put in the htaccess. What is the database table name for this please?

I activated this plugin, turned it on, and when I then went to test it by going to mywebsite.com/login I now can’t get into my site
now what to do to regain access to my page?

I think that first of all, we need to do is, once you activate the plugin, to test if it works, we must open our page in another PC, but without logging out, so if the plugin does not work properly, you can go back to your PC source, so I can turn off without any problem,
I had problems with plugin prevents this, not just because it has a video tutorial with details on how to setup it
I installed various plugins very complicated, but they had uploaded the video tutorili, where they helped you to configure the plugin, this plugin will be very good for those lucky that it works in your blog, but as we who are uninitiated, is very complicated to understand these terms htaccess etc. and blah blah blah, I had to call to godaddy to disable this plugin and its script, because I could not longer have access to it
then follow my advice, not logout from your blog before you test it in another pc

hi guys,

1) Login your domain dir using FTP software such like SmartFTP etc.
2) Search your .htaccess file at public_html>YOURDOMAIN>.htaccess
3) Copy your .htaccess file into your computer@desktop
4) Open your .htaccess file using Dreamweaver , Notepad etc.
5) DELETE from #HIDE-LOGIN until #END HIDE-LOGIN
6) Save your file
7) Copy/overwrite/upload back your .htaccess file into your domain dir.
8) Now you can login back to wp-admin and delete your plugin

You can use HIDE-LOGIN plugin but need to add your Facebook login ID as an Administrator role too. Add Facebook Login button. Manage your page using Facebook. Good Luck!

I got mine to work by removing this line of code in the .htaccess:
RewriteRule ^exit store/wp-login.php?action=logout&_wpnonce=2f3538a9ec&hide_out_key=BkkO5034 [L]

For some reason it would not let me log out but once I removed this line it works :-)!! Also I have not encountered the virus URL but I will scan the DB/plugin folder to make sure.

Another thing is the “&” for some reason was written in HTML in the htaccess (?hide_in_key=hqa60C7–>&<—redirect_to=https://patrickmediagroup.com/store/wp-admin/_)
So I had to change it and it fixed my other redirect issue. Hope this helps!