Backend shows no plugins installed on non-hacked site

  • Hi guys,
    Wonder if I can get some help. My site (handycrowd.com) has ‘lost’ all of its plugins.

    I log into the dashboard and I see a brief message for each plugin (19 in all)saying that each plugin has been deactivted due to an error. Then it simply shows that no plugins are installed.

    Server shows the plugin folders all in place.

    So the site is up, but no plugins are working.

    Sucuri reports no issues with malware etc.

    Any ideas?
    Cheers
    Ian

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator James Huff

    (@macmanx)

    Do you have some strange code at the top of each plugin’s primary .php file, or were you running the Mailpoet plugin?

    If the answer is yes to either, you were probably hacked, but Sucuri can only detect front-facing code. It wouldn’t detect such a hack because WordPress already did its job by removing the damaged plugins.

    Remain calm and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    Thread Starter Ian Anderson

    (@ianmanderson)

    Hi, yes mail poet is running and yes I did have strange code at the top.

    I have a strong user name and long complicated password and they can get in through a plugin?!

    I wonder why BruteProtect was no use? I guess because WordPress shut down it’s plugin.

    Thanks for the guide I’ll take a look, thanks for taking the time to reply, kudos!
    Ian

    Moderator James Huff

    (@macmanx)

    BruteProtect would have been no use in the situation, this was a code-level hack introduced by essentially an open door in the MailPoet plugin, not someone actually gaining entry to your site.

    BruteProtect is actually still in operation after the acquisition by Automattic, and still protecting thousands of sites, this was just a different type of hack.

    Please see this for details: https://blog.sucuri.net/2014/07/mailpoet-vulnerability-exploited-in-the-wild-breaking-thousands-of-wordpress-sites.html

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Backend shows no plugins installed on non-hacked site’ is closed to new replies.