Online casino 10 pesos minimum deposit philippines real money.Claim Your Free 999 Pesos Bonus Today

Forum Replies Created

Viewing 5 replies - 1 through 5 (of 5 total)

Forum: Plugins
In reply to: [Wordfence Security - Firewall, Malware Scan, and Login Security] Username Signed In That Is Not in Users

Nick Scott
(@njscott)

10 years, 1 month ago

WFSupport,

I checked the database on my site and no user with an ID of 8888 or 88888 exists. In fact, the Wordfence log shows that “systemwpadmin” logged in with an ID of 10. That ID no longer exists in my database.

Nick

Forum: Plugins
In reply to: [Wordfence Security - Firewall, Malware Scan, and Login Security] Username Signed In That Is Not in Users

Nick Scott
(@njscott)

10 years, 1 month ago

Brian,

WordPress, Genesis and the themes are all at the latest levels. WordPress is at v4.1, Genesis is at v2.1.2. Beyond the Outreach theme at v2.0, it was the latest levels of Twenty Fifteen, Twenty Fourteen that got hacked.

Thanks for listening ??
Nick

Forum: Plugins
In reply to: [Wordfence Security - Firewall, Malware Scan, and Login Security] Username Signed In That Is Not in Users

Nick Scott
(@njscott)

10 years, 1 month ago

verdipro –

I too received a notification this morning that a user “systemwpadmin” had signed on to one of my sites. I also received an email from Wordfence telling me that the functions.php file from 5 of my (inactive) themes had been modified. When I checked, I found a block of code had been inserted at the beginning of these files.

It was a simple enough task to replace the files using the Wordfence Scan panel. However, I found that the functions.php file for both my active theme (Outreach 2.0) and Genesis also contained the inserted hack code! I am not very happy that Wordfence MISSED this!!

I did a little Google-ing and discovered that this “systemwpadmin” User ID inserts itself into your database with an ID of 88888. The user is not visible from the standard WP Users panel, but exists as a hidden entry in the database. This information came from posts that are 1 and 2 years old now. When I checked my database, no such entry existed. Only entries for valid users. My suspicion is that the hacker(s) responsible for this intrusion have become more sophisticated and now erase all trace of the user ID after they have inserted their code.

Bottom line: Inspect ALL the functions.php files on you site and repair any that contain this hack.

AND… Wordfence – if you are listening – Your scanning code needs to be repaired to include all of the existing themes present on the system – Genesis and Outreach included!

Forum: Plugins
In reply to: [Solid Security – Password, Two Factor Authentication, and Brute Force Protection] Database backup stopped working

Nick Scott
(@njscott)

11 years, 7 months ago

Confirmed. v3.5.5 of the plug-in has corrected the database backup bug.

Forum: Plugins
In reply to: [Solid Security – Password, Two Factor Authentication, and Brute Force Protection] Database backup stopped working

Nick Scott
(@njscott)

11 years, 7 months ago

I have the same problem with two of my sites – 500 error when I try to create a database backup. This happened after updating the plug-in from v3.5.3 to v3.5.4. I’m running WP at v3.5.2.

I fixed the problem by uninstalling v3.5.4 of the plug-in and re-installing v3.5.3. Of course I had to go through and reapply all of the settings. But now my backups work again.

Any fix for this in the near future?

Nick

Viewing 5 replies - 1 through 5 (of 5 total)