watershare

Hi Gerroald

Will i loose all my Wordfence settings if i delete it like that? I have blocked so many IPs, as i was under serious attack the past few weeks, and only my Wordfence protected me…

My dashboard seems to be working fine, do you think i should just wait for it to correct itself?

Hi Fahim – done already 🙂

(though i still need some assistance – lol)

Hi Fahim

Thanks so much for getting back to me.

I also added some additional questions there, that may be helpful to users here:
– when viewing some of my pages on mobile view, they are all out of proportion, with added padding on the one side

– i need to understand the CSS Save Method on the WP PageBuildier Admin panel – which is better, to save the CSS in the Header, or in the File System?

Also, will cleaning the WP PageBuilder on the WP Admin panel, and changing the CSS Save Method on the WP PageBuilder Admin Panel delete my carefully built pages, or will it solve my problems?

Looking forward to hear from your Support \Engineer

(Btw, so far, i LOVE the plugin!!)

@jnashhawkins thanks again – you have been very helpful (although that last part about using cloudfare went completely over my head, lol)

But i will follow your suggestion, and take a breather after all of this has been fix first, and then investigate Cloudfare, maybe over the holidays..

I have four more questions – lol – here goes:
(1) how do i remove that “impunify” rubbish from my landing page?
(2) how can i secure or change the location or design or settings of my landing page in the meantime until i go to cloudfare?
(3) is my training site safe, or could the hackers get in and break it as well?
(4) should i report the security issues with these plugins somewhere, so that my bad experience can be prevented from happening to someone else?

Its OK if you cant answer all of them – lol – i am just trying to keep myself from getting panic attacks over all of this 🙂

• This reply was modified 7 years, 2 months ago by watershare.

@jnashhawkins , thank you very much for your reply

I followed the suggestions of @binarywc and @t-p , and contacted my provider. It turns out that there was malware hidden in TWO of the plugiuns that i had installed, namely Yoast_No_Adds, AND Admin Page Spider. Admin Page Spider even removed my admin privileges, and although i disabled plugins, one of these two plugins kept kicking me out…

Yes, i have two discrete WordPress installs – fortunately, as i am marketing a training course right now on my RTraining site (which is running Agama), and would have jumped from a bridge if the training site was also compromised… I killed those two plugins immediately on my training site.

I DO have Wordfence running on both my sites – lovely plugin, but they did not detect the malware injections. I have NO IDEA who http://iyfipun.com/ is – i suspect they are the hackers behind this? I even received an email from “attack.net” warning me that my site is infected just now, and “offering” to “fix”” it for me, at a price, of course… I will definitely follow your suggestions, and also install iThemesSecurity and Sucuri scanner.

The long and short of the problem on my Services site is that we are going to have to create an entire new database, and new website, and i am going to start from scratch.

I have no idea on how i can set my site up differently from the way it is currently set up, with the separate discrete html page outside of WordPress, or how to put my site on Cloudfare – any suggestions or resources in this respect would be greatly appreciated 🙂

And thanks again – i have learned my lesson the hard way – my mistake was to be too eager to update my site, and i installed plugins that i should not have installed 🙁