bast-hotep
Forum Replies Created
-
Thanks so much for the info and your offer! It turns out that somehow, Wordfence was reporting unusual activity by a particular address that I blocked on cPanel, not realizing that address belonged to either a Cloudflare or Sucuri server. The support tech thought it was a Wordfence problem, but as soon as I removed that last entry from .htaccess, everything was back to normal.
Thanks for your effort! After a bit of research and back-and-forth, I’ve found that CloudFlare is blocking these requests.
So the question is…are these simply diagnostic tests, or are these necessary to enable for anyone visiting the site in order for Jetpack to work? Or do these requests only come from www.ads-software.com and/or your servers?
I’m a bit confused myself because Jetpack always worked previously (although it’s not enabled right now) and I haven’t made any changes to the CloudFlare configuration. I’m talking to the CloudFlare people to find out what’s up from their point of view though.
Forum: Fixing WordPress
In reply to: Site Hacked After WordPress 4.4 UpdateP.S. The code they used was probably one of these two based on files they left around:
https://gist.github.com/laacz/9934579
This vulnerability was discovered in another plugin a year ago (see https://blog.sucuri.net/2014/12/security-advisory-high-severity-wordpress-download-manager.html) but I don’t have that particular one, so the hole is still around.