sallymoos
Forum Replies Created
-
Forum: Networking WordPress
In reply to: Manual WP update for multisite?Thanks,B13story.
One thing that worried me about the automatic update was the but where the database needed to be updated after WP files had been updated (click button stage). If I did an automatic update and then clicked to update the database could i still revert back to old version at that stage?
Sal.
Forum: Plugins
In reply to: Plugin to upload photos from phone and add product information and categoryAnyone? Please? 🙂
Great, thanks, I’ll give that a whirl! 🙂
Sal.
Thanks caimin – but does this not refer to the email sent to the user?
The wording on that email is .. “You have successfully created an account at … etc” whereas the one WP admin gets is “New user registration on your blog .. ” etc?
Sal
Excellent, thanks voltronik!
Sal.
No-one know? 🙂
Forum: Plugins
In reply to: [Project Manager by TPC] Project Manager by TPC vs WP Project Manager ?Thanks, Spencer 🙂
Forum: Fixing WordPress
In reply to: audio tag shows on blog category page?OK, thanks, will do. 🙂
Forum: Fixing WordPress
In reply to: audio tag shows on blog category page?ThemeForest.
Its a 5* responsive theme from an established and very well rated Elite Author. Released in September 2013. Says for “WordPress 3.6” but I’m running 3.7.1 – maybe that’s the problem?
Forum: Fixing WordPress
In reply to: audio tag shows on blog category page?Good shout, esmi.
Emebedded audio works fine on category page when I switch to Twenty Thirteen theme with all plugin activated.
So looks like theme issue. Any pointers as to what would be causing this?
Forum: Fixing WordPress
In reply to: Several sites hacked, including 3.4.2Update: I have discovered the hacker was able to “login” to wp admin by using a backdoor he had left in a Joomla installation on the server (via an exploit in a joomla plugin) which allowed him to delete wp_users and add a new user admin account for himself. That’s why it didn’t matter what WP version installation was running.
The links provided are useful in prevention, but, in a case like this, I don’t think having all the WP updates in place wouldn’t have made any difference? Can anyone advise if there’s anything that could be done to prevent this?
Forum: Fixing WordPress
In reply to: Several sites hacked, including 3.4.2The FTP access logs are empty (other than my logins)
The http logs just show the hacker logging in with his/her new login. THis happened AFTER he deleted the normal “admin” and user accounts. [The normal Admin accounts were all called different from “admin” and were very secure ]
I’ve posted the excepty of logs below showing his track through wpa-dmin, ending on adding the backdoor to the adminimize plugin via Editor (he added the backdoor to the firest pluin in each site)
How did he get access to delete all the admin/user accounts?
[IP] – – [04/Oct/2012:12:43:16 +0100] “GET /wp-admin/ HTTP/1.1” 302 – “-“
[IP] – – [04/Oct/2012:12:43:17 +0100] “GET /wp-login.php?redirect_to=http%3A%2F%2Fwww.SITEHERE.com%2Fwp-admin%2F&reauth=1 HTTP/1.1” 200 3799 “-“
[IP] – – [04/Oct/2012:12:43:18 +0100] “GET /wp-admin/css/colors-fresh.css?ver=20111206 HTTP/1.1” 200 34571 “http://www.SITEHERE.com/wp-login.php?redirect_to=http%3A%2F%2Fwww.SITEHERE.com%2Fwp-admin%2F&reauth=1”
[IP] – – [04/Oct/2012:12:43:18 +0100] “GET /wp-admin/css/wp-admin.css?ver=20111208 HTTP/1.1” 200 104204 “http://www.SITEHERE.com/wp-login.php?redirect_to=http%3A%2F%2Fwww.SITEHERE.com%2Fwp-admin%2F&reauth=1”
[IP] – – [04/Oct/2012:12:43:32 +0100] “GET /wp-admin/images/logo-login.png HTTP/1.1” 200 8891 “http://www.SITEHERE.com/wp-admin/css/wp-admin.css?ver=20111208”
[IP] – – [04/Oct/2012:12:43:32 +0100] “GET /wp-admin/images/button-grad.png HTTP/1.1” 200 243 “http://www.SITEHERE.com/wp-admin/css/colors-fresh.css?ver=20111206”
[IP] – – [04/Oct/2012:12:43:39 +0100] “POST /wp-login.php HTTP/1.1” 302 – “http://www.SITEHERE.com/wp-login.php?redirect_to=http%3A%2F%2Fwww.SITEHERE.com%2Fwp-admin%2F&reauth=1”
[IP] – – [04/Oct/2012:12:43:43 +0100] “GET /wp-admin/ HTTP/1.1” 200 51722 “http://www.SITEHERE.com/wp-login.php?redirect_to=http%3A%2F%2Fwww.SITEHERE.com%2Fwp-admin%2F&reauth=1”
[IP] – – [04/Oct/2012:12:43:46 +0100] “GET /wpth-admin/load-styles.php?c=1&dir=ltr&load=admin-bar,wp-admin&ver=7f0753feec257518ac1fec83d5bced6a HTTP/1.1” 200 27158 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:46 +0100] “GET /wp-includes/js/thickbox/thickbox.css?ver=20111117 HTTP/1.1” 200 3870 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:46 +0100] “GET /wp-admin/css/colors-fresh.css?ver=20111206 HTTP/1.1” 304 – “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:46 +0100] “GET /wp-includes/js/tw-sack.js?ver=1.6.1 HTTP/1.1” 200 3619 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:46 +0100] “GET /wp-admin/load-scripts.php?c=1&load=jquery,utils&ver=edec3fab0cb6297ea474806db1895fa7 HTTP/1.1” 200 36959 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:48 +0100] “GET /wp-admin/images/wpspin_light.gif HTTP/1.1” 200 2193 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:49 +0100] “GET /wp-admin/images/media-button.png?ver=20111005 HTTP/1.1” 200 3117 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:50 +0100] “GET /wp-admin/load-styles.php?c=1&dir=ltr&load=wp-jquery-ui-dialog&ver=3e676db9ea65504c756e11cf9a70be9e HTTP/1.1” 200 1127 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:50 +0100] “GET /wp-admin/images/menu-shadow.png HTTP/1.1” 200 131 “http://www.SITEHERE.com/wp-admin/css/colors-fresh.css?ver=20111206”
[IP] – – [04/Oct/2012:12:43:50 +0100] “GET /wp-admin/images/menu.png?ver=20111128 HTTP/1.1” 200 9680 “http://www.SITEHERE.com/wp-admin/css/colors-fresh.css?ver=20111206”
[IP] – – [04/Oct/2012:12:43:50 +0100] “GET /wp-admin/images/arrows.png HTTP/1.1” 200 494 “http://www.SITEHERE.com/wp-admin/css/colors-fresh.css?ver=20111206”
[IP] – – [04/Oct/2012:12:43:50 +0100] “GET /wp-admin/images/icons32.png?ver=20111206 HTTP/1.1” 200 13441 “http://www.SITEHERE.com/wp-admin/css/colors-fresh.css?ver=20111206”
[IP] – – [04/Oct/2012:12:43:51 +0100] “GET /wp-admin/images/white-grad.png HTTP/1.1” 200 210 “http://www.SITEHERE.com/wp-admin/css/colors-fresh.css?ver=20111206”
[IP] – – [04/Oct/2012:12:43:51 +0100] “GET /wp-admin/load-scripts.php?c=1&load=admin-bar,hoverIntent,common,jquery-color,jquery-ui-core,thickbox,wp-ajax-response,wp-lists,quicktags,jquery-query,admin-comments,jquery-ui-widget,jquery-ui-mouse,jquery-ui-sortable,postbox,dashboard,plugin-install,media-upload,word-count,jquery-ui-resizable,jquery-ui-draggable,jquery-ui-button,jquery-ui-position,jquery-ui-dialog,wpdialogs,wplink,wpdialogs-popup&ver=5942849f845ec3cb08a0cd3337cdb69f HTTP/1.1” 200 57299 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:53 +0100] “GET /wp-includes/images/admin-bar-sprite.png?d=20111130 HTTP/1.1” 200 3999 “http://www.SITEHERE.com/wp-admin/load-styles.php?c=1&dir=ltr&load=admin-bar,wp-admin&ver=7f0753feec257518ac1fec83d5bced6a”
[IP] – – [04/Oct/2012:12:43:54 +0100] “GET /wp-includes/js/thickbox/loadingAnimation.gif HTTP/1.1” 200 5886 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:54 +0100] “GET /wp-admin/index-extra.php?jax=dashboard_incoming_links HTTP/1.1” 200 253 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:55 +0100] “GET /wp-admin/index-extra.php?jax=dashboard_primary HTTP/1.1” 200 1937 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:55 +0100] “GET /wp-admin/index-extra.php?jax=dashboard_secondary HTTP/1.1” 200 1042 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:43:56 +0100] “GET /wp-admin/index-extra.php?jax=dashboard_plugins HTTP/1.1” 200 1337 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:44:02 +0100] “GET /wp-includes/js/thickbox/thickbox.css?ver=20111117 HTTP/1.1” 304 – “http://www.SITEHERE.com/wp-admin/plugin-editor.php”
[IP] – – [04/Oct/2012:12:44:02 +0100] “GET /wp-admin/css/colors-fresh.css?ver=20111206 HTTP/1.1” 304 – “http://www.SITEHERE.com/wp-admin/plugin-editor.php”
[IP] – – [04/Oct/2012:12:44:02 +0100] “GET /wp-includes/js/tw-sack.js?ver=1.6.1 HTTP/1.1” 304 – “http://www.SITEHERE.com/wp-admin/plugin-editor.php”
[IP] – – [04/Oct/2012:12:44:00 +0100] “GET /wp-admin/plugin-editor.php HTTP/1.1” 200 102643 “http://www.SITEHERE.com/wp-admin/”
[IP] – – [04/Oct/2012:12:44:16 +0100] “GET /wp-admin/load-scripts.php?c=1&load=admin-bar,hoverIntent,common,jquery-color,jquery-ui-core,thickbox&ver=36bdd73350ea39f8abd5737571b9f4ea HTTP/1.1” 200 11139 “http://www.SITEHERE.com/wp-admin/plugin-editor.php”
[IP] – – [04/Oct/2012:12:44:29 +0100] “GET /wp-admin/images/button-grad-active.png HTTP/1.1” 200 284 “http://www.SITEHERE.com/wp-admin/css/colors-fresh.css?ver=20111206”
[IP] – – [04/Oct/2012:12:44:30 +0100] “POST /wp-admin/plugin-editor.php HTTP/1.1” 302 – “http://www.SITEHERE.com/wp-admin/plugin-editor.php”
[IP] – – [04/Oct/2012:12:44:47 +0100] “GET /wp-admin/plugin-editor.php?file=adminimize%2Fadminimize.php&liveupdate=1&scrollto=35280&networkwide&_wpnonce=5cbc02be02 HTTP/1.1” 500 2947 “http://www.SITEHERE.com/wp-admin/plugin-editor.php”Forum: Fixing WordPress
In reply to: Several sites hacked, including 3.4.2Thanks, esmi, I had seen these but these are more about prevention and clearing up after the hack. I’m looking info on how to track how he/she got in. Can you offer any suggestions?
Sal.
Forum: Plugins
In reply to: [Plugin: MailPress] Continuous ‘Loading…’ in IE 7 Subscribe WidgetIts a CSS thing …
Add this to the stylesheet
.mp-loading { filter: Alpha(Opacity=0); }
Forum: Fixing WordPress
In reply to: Can’t see site or bring up Admin but OK by proxyNow resolved … sort of. IP was being blocked by host server for multiple login errors BUT I was logged in when it happended. In trying to preview pages WP throws a 404 error and after a few of these, the server blocks my IP for login failures. Weird!