steve-d

Frederick deserves the Nobel Prize for customer support. Don’t let that go to head though. That’s the most common, first and typically LAST mistake. Believing in your own hype.

Fixed. Files permissions issue.

Waiting

Hello?

I’m 99% sure as of now it is not W3 Total Cache. Just SNAFU at a shared hosting server.

Okay after some more nose to the grindstone I think it may be a NS thing.

SNAFU

Just emailed you a link via your contact so you can run the full scan.

Per other thread. I don’t think it’s your plugin but a possible flaw in the Sucuri scanner.

Frederick, I have access to the full paid version of the scanner. If you want I can privately email you a jpeg snip of the scan. First thing that came to mind, that’s odd, is this scan is misinterpreting cached files as malware? Unless someone has compromised the plugin and other plugins in this Network Solutions fiasco, or it could be a flaw in their scanner.

I doubt it’s your plugin.

I removed W3 Total Cache/0.8.5.2 and then a scan came up clean.

Here is the contact. https://sucuri.net/

Last hack hit me 00:48 Friday. Online scan reported malware java script. Ran full scan on my local system and found 3 new hi.class trojans and one new uut.class (malware) reported as less then a week old. Obviously came from my own site I am developing on shared hosting. Cleaned everything up checked the site on line no malware reported. Today’s local and on line scan clean.

These are newborns . . hacks-viruses so be aware to update your anti virus definitions.

This has been going on for almost a month now. This NS breach was first being reported on April 9th.

Whats it going to take?

I wonder if NS is even going to be able to repair this mess at this point.

Well as far as Commercial Darwinism I don’t think of everything as “competition”. You can succeed outside of that realm of duality.

Anyway open source is good stuff as long we don’t “self destruct” from out of control complexity in the process. Anyway the common thread here is people are getting hacked from the inside. On Hosting Servers that reside in the Top Ten largest providers. We can harden and apply top notch security all we want but if the Host doesn’t have it together forget it. Then the issue of FTP-SFTP. End users need to know how to securely use this stuff. Like filezilla for example. And at this point I can imagine some shared-hosting blogger’s might not even know all that much about their own personal computer security. No offense intended but if your not even running a basic firewall antivirus program and your using easy FTP or something ouch!

I could on and on and on but I won’t.

If you can’t find a shared-hosting that knows what they are doing, then seriously consider moving to a managed blog service like WordPress.COM.

I need complete commercial and creative flexibility and freedom we are selling advertising the old school way. It is a long term project. Full time.

I will probably need to go to dedicated hosting of some kind the issue there though is cost and diligently managing the burn rate of my investment capital. I am financing this project and I don’t have a money tree in the back yard. The only hope at this point is NS “get’s it together” and provides the kind of security customers-end users deserve. If they can’t secure their shared hosting they shouldn’t even be in the business. Actually this is a wake up call for all of us.
There are lots of loose ends that need to be addressed here. Irresponsible blogging is also emerging as a threat now. WordPress probably should have full time reps teaching and educating these Hosting Services getting into the WordPress game “how to do it right”. The WordPress product brand suffers and takes a credibility hit from this kind stuff happening.