• Resolved viennamex

    (@viennamex)


    I have installed the latest BulletProof on a site that was hacked by a javascript hack that added the following lines to every php file header in WordPress including plugins.

    [ redacted, please don’t post a malware snippet like that again. ]

    …that’s just the first few lines. According to a 6scan this was due to a comments hack through the wordpress comments file.

    It killed my plugins and would quickly rewrite the javascript in all files in my website WordPress template. I finally had to completely remove the template, re-update 3.5.1, and base my site off a re-uploaded Twenty Twelve theme.

    As soon as I thought I had eliminated everything — I could not find any evidence of the code being written into the WP tables themselves or into the WP comments values.

    Using BulletProof I seem to be clean after a day. Now I want to buy BulletProof Pro.
    Especially since I see that you say you “firewall” the /plugins folder.

    But it leads to these 3 questions —

    Running a free scan from 6scan it alerted me to a problem with the commenting.

    1) Do I understand that even with a BulletProof Pro plugin that you do not offer the same kind of online Scanning for Problems that 6scan does?

    2) Does BulletProof Pro prevent the kind of javascript injection method that may have been used in this hack via the word press commenting file?

    I did not have commenting enabled before but I have now commented out the PHP call to the commenting file in two TwentyTwelve template files. AND deleted the wp-comments-post.php file altogether.

    3) Do you have a description from your experience of how WP sites are getting hacked with this same header injection hack that I experienced? Year after year WP sites get hacked with some form of the same hack yet when you Google this subject it does not seem that even WordPress itself alerts you to prevent just this sort of thing.

    (I did change my FTP password — it was unguessable before and it is still “unguessable”)

    https://www.ads-software.com/extend/plugins/bulletproof-security/

Viewing 6 replies - 16 through 21 (of 21 total)
  • Thread Starter viennamex

    (@viennamex)

    I would also think that the IF the Zend Optimizer extension is NOT installed on your customer’s host server that your SETUP would specifically WARN this!

    I presume this is why the php.ini setup is failing for me by continuously rejecting the file paths that I enter while following the RECOMMENDED paths and the Diagnosed paths.

    But, this is a Big Issue. ZEND OPTIMIZATION Extension REQUIRED.

    Never read that anywhere.

    Thread Starter viennamex

    (@viennamex)

    Thanks for that information. But, when I read these before they indicated that what took priority over the steps you are referring to was the SPECIFIC WEBHOSTING SET-UP.

    So, when looking at your instructions for 1and1 in the USA and Europe, I followed THOSE steps because your instructions stressed how important it was to tailor the PHP.ini setup to your 1and1 instructions.

    This is where you specify the Zend Optimizer that must be self-installed.

    Plugin Author AITpro

    (@aitpro)

    That 1and1 custom php.ini setup for php5.2.x is pretty old so things may have since changed on 1and1 hosting. The whole custom php.ini file creation has become a very complicated and complex issue since php5.3.x was released. So what we recommend is that you contact your host to find out exactly what requirements your particular host has. Each web host has their own unique specific requirements for custom php.ini files and trying to keep up with 1,000’s of different web hosts is something we gave up trying to do over a year ago. ?? Also setting up a custom php.ini file for your website is completely optional and since the creation of newer security features in BPS Pro the custom php.ini setup is not really that important or significant anymore.

    Thread Starter viennamex

    (@viennamex)

    It is 8:30 pm here. I have to stop.

    I went through the 10, 000 steps and got all kinds of nice Green Success messages but it still will not agree with the location of the installed php.ini.

    I am turning this over to you, Edward.

    I will email you your Admin Entry.

    Thank you very much.

    Plugin Author AITpro

    (@aitpro)

    Yep, custom php.ini setup can be a nightmare on some hosts. My colleagues warned me that it would be insane to even attempt automating this for 1,000’s of different web hosts, but I like a good challenge. LOL

    Yep, create a temporary Admin account and I will get the custom php.ini file setup – if 1and1 still allows this and if 1and1 is not having issues/problems with PHP5.3.x like many hosts worldwide.

    https://www.ait-pro.com/aitpro-blog/4349/misc-projects/wordpress-tips-tricks-fixes/php5-3-x-php5-4-x-user-ini-file-does-not-work-known-php5-3-x-user-ini-fastcgi-wordpress-zend-issue/

    Thread Starter viennamex

    (@viennamex)

    Well, Edward, I am grateful you are just “insane” enough to stick your head rather deeply into this whole business!

    Email sent.

    Thanks Muchly!

Viewing 6 replies - 16 through 21 (of 21 total)
  • The topic ‘BulletProof Pro?’ is closed to new replies.