mmtrav

Having a similar issue here.

I’m using BetterWP Security on a client site — at the moment having grave difficulty accessing all secure pages — I only get white screens. I am not sure what has caused the secure pages to go down, but despite a lot of efforts to get them up again, I’m thinking I have to roll back to a previous version of WordPress and better wp security to get my site up and running again.

unfortunately, I never figured it out and had to just make a standard watermark instead. The plugin is coded somewhat messily and so it was very hard for me to figure out how to include it.

I used the plugin on this site in order to mark up the photos but I would have rather had the photographer’s name in my contest. Hope you do upgrade the plugin! Would be willing to offer some beer money if you did it.

@computacion

I have a few more elements to my story. After fixing my initial .htaccess files I contacted avg on [email protected] asking to be whitelisted. They replied that I was still showing malware reports on certain pages of the site and provided me with a CSV file with all the incidents of malware occurrence.

So, eventually bit the bullet and hired sucuri.net to clean my site for US$90 as its a client site and their users are reporting issues — bad situation to be in!

Surprisingly, Sucuri discovered malware hidden in another half dozen files throughout the site, and among files that weren’t new to the WordPress installation but modified by a hack exploit.

Here’s the report they gave me:

The following files were compromised and fixed:
OK: Hardened upload directory (./wp-content/uploads)
Found suspicious signature on file: ./wp-content/uploads/2010/11/log.php (CLEARED)
OK: Removing backdoor from uploads directory: ./wp-content/uploads/2010/11/log.php
Found backdoor (malware) on file: ./wp-content/blogs.dir/2/files/2011/09/mootools-1.2.1-core.php (CLEARED)
OK: Hardening ./wp-admin/setup-config.php on WordPress
Found backdoor (malware) on file: ./wp-includes/feed.php (CLEARED)
Found backdoor (malware) on file: ./60c002be4170cf563a01e5f33a5ce93e8f538230.php (CLEARED)
Malware found on file: ./wp-content/themes/canvas-4.4.5/includes/images/flexo.php (CLEARED)
OK: Removing PHP file (backdoor) from the images directory: ./wp-content/themes/canvas-4.4.5/includes/images/flexo.php (hardening)`

Please follow these steps to avoid reinfection: https://sucuri.net/kb/after-the-cleanup

So, hoping that helps you guys. My recommendation is you can afford it, is to purchase a Sucuri maintenance cleaning. Peace of mind is also worth hours of my time! I would have never been able to find these problems so quickly.

Hi guys,

I had the same report from AVG on a site but was not showing anything in the above named JS file.

/wp-includes/js/comment-reply.js

So that makes me think that this blackhole exploit kit has a few different forms, to which AVG is reporting everything as ‘blackhole exploit kit’.

My threat was removed when I cleaned suspicious code in my .htaccess file.

This post has more information on it, and my unique situation: https://www.computerpartsgreenvillesc.com/secrets-of-the-blackhole-exploit-kit-revealed/

I concur! Review and overview here:

https://www.mikeyleung.ca/2011/03/09/new-wordpress-backup-solution-myrepono/

Is this offering what you want, Meira?

https://www.coderstd.com/products/xmlrpc-api-wp/index.html

yep.. same issue here

You might also want to mention, for those who love to avoid PHP code, like me, that you can use the shortcode [cft format=0] to output the code in the options panel. I couldn’t find the spot where it said to use format=0!