flyfisher842

Ashutosh Joshi is correct but you have to look down in the lower right corner to find the delete link. Hey WordPress Team, lets make it harder to delete a theme next time. I just won’t add anymore new ones. That seems to be the message here

Removing the delete link from the upfront dashboard was a stroke of genius for making life difficult. The more stuff gets improved the harder it is to operate. Not just WP but a lot of programs work that way.
Thanks to Ashutosh Joshi for posting how to find the delete link.

I will second and 25th all who said thanks for letting us know. I was about to wipe out two databases and start over with imports and all that stuff. This post saved me a ton of brain damage.

correction genshop.org is registered out of Nassau, Bahamas. asseenontvhq.com the site the hacked pages were redirecting to is protected by Domains by Proxy and hosted on wildwestdomains.

My hosting company of course says their server is secure and that site security is my responsibility. I use a very good paid security service to protect my WP installs.

genshop.org was the hacker as best I can determine. I suspect this person(s) chooses sites that are popular in Google to use as his targets. That way he will get more hits on his junk pages.

genshop.org is a totally closed site. No pages showing, the robots.txt file is protected from viewing by the .htaccess file. It is currently registered with Domains by Proxy (a godaddy subsidiary) and hosted on wild, wild west (another godaddy subsidiary).

Googling genshop.org yields some interesting info. Quite a few other people are and have been tracking this site.

if you have run the easy csv importer plugin, you probably got infected from it. The PHP.Kryptik.AB trojan is embedded in the file functions/ecs_functions_code.php. At least that is what eset NODE32 tells me. While this trojan might be used as an update tool, I doubt it since the plugin developer has refused to put any physical address on file with his registrar. See the readme.txt file for the URL.

Always a good idea to download the plugins and scan before installing to your blog or site. The easy install in WP is a nice time saver for us and the hackers.

10/20

I too am having this problem. It is because I had to make 28 revisions to the published post to get it almost right. It needs one more revision to display properly.

Either I should be able to disable this diff check or be able to extend it long enough for load process to cycle thru the revisions to find the most current one.

Or better yet, improve WP so it automatically goes to the post revision with the latest time stamp.

I would appreciated a reply.

Delete bad behavior plugin if you are using it. My ISP found that was causing the problem on my blog. In addition the website serving the 403 page was using it to send out adsense ads.

12/5

May not be a server problem. here is what happpened to my tonight.

Error 403
We’re sorry, but we could not fulfill your request for /wordpress/wp-login.php on this server.

Your Internet Protocol address is listed on a blacklist of addresses involved in malicious or illegal activity. See the listing below for more details on specific blacklists and removal procedures.

Your technical support key is: 1809-034a-1366-73cd

You can use this key to fix this problem yourself.

If you are unable to fix the problem yourself, please contact editor at fly-fishing-colorado.com and be sure to provide the technical support key shown above.

The fix this problem yourself leads to this page which displays google adsense ads

https://www.ioerror.us/bb2-support-key?key=1809-034a-1366-73cd

Technical Support
Your request was intercepted by security software which protects the Web site you visited from malicious activity, such as hackers, spam and viruses. We apologize for the inconvenience, but your request matched a profile of suspicious activity. This problem is usually quite easy to fix.

Your computer’s IP address was determined to have recently sent spam or engaged in malicious activity as reported by a third-party monitoring service. This means your computer is most likely infected with viruses or other malicious software. See below for more information and removal instructions.

Your request was blocked because of malicious automated requests received from your computer’s IP address.

This problem may be caused by viruses or spyware on your computer, or by malicious software that pretends to be anti-virus or anti-spyware software. Ensure that you have REAL anti-virus and anti-spyware software on your computer, that they are kept up-to-date, and that you have run a full system scan using each tool. Once your system is cleaned of viruses and spyware, please try your request again.

The free Google Pack provides trustworthy anti-virus and anti-spyware software. Right here is a Google adsense ad from this publisher

<script type=”text/javascript”><!–
google_ad_client = “pub-0489528074971520”;
google_ad_output = “textlink”;
google_ad_format = “ref_text”;
google_cpa_choice = “CAAQlLmrggIaCPLV56WTB-xHKOCHu4UB”;
//–></script>
<script type=”text/javascript” src=”https://pagead2.googlesyndication.com/pagead/show_ads.js”&gt;
</script></p><p>Blacklist Reason(s):

Blacklist Reason(s):

If the above suggestions fail to resolve the problem, click Back and contact the e-mail address you were given for further assistance.

There were no reasons given. I don’t send spam nor engage in any illegal activities on my site.

1. My ISP is investigating this matter. They say it looks like my blog was hacked and is being controlled from outside. They have seen several of these incidents tonight.

I think there is some security problem with V2.3 that has not been found.

2/19
to RaulTBC RE:IIs servers. .htaccess does not apply to them. Unless you are running your own server with administrator priviledges, you will have to have the tech support staff set these permissions at the wwwroot folder. read, write, modify and execute permissions.

If the wwwroot folder has these permissions, any subfolder will also have them. At the least ask them to set the permissions on the wordpress folder.

After they did this for me, my archieves links worked ok, the wp-db backup plugin worked and the default permalinks started working. But I can not get the other permalink choices to work. But I am not unhappy with the default structure.

Flyfisher842