ejwjohn

John,

Browser cache cleared, the screen shot is here:-
Redirect

When i select check Redirect it comes back OK.

Thx

JohnW

Hello,

Sorry but that did not work either..

JohnW

OK,

Slightly different response now i am getting 404 errors.

I went through all my redirects that were set up, and discovered that there were individual event/etc/etc redirects, so i have removed them all, and now the error is a straight forward 404 but the target URL that returns is strange.

it is glandorevillage.ie/events/glandorevillage.ie

thx

John W

• This reply was modified 6 years, 5 months ago by ejwjohn.

Hello,

Thank You for your response.

However i seem to be getting an issue.

i inserted /events/.* in the Redirect from URL and i inserted the home page for the sire in the target url glandorevillage.ie

and i am getting redirect errors.

Have i missed something.
thx JohnW

Hello,

That is brilliant thanks.

John W

Ok, thanks, i am nearly there i changed it to the following as i cannot use the Odd or even tag

.tablepress-id-11 .row-1 td {
text-align: center;
}

What i am struggling with now is how do i specify the same thing for more rows, do i have to repeat the complete statement every time for each row?

Thanks

John W

OK, Thanks… glad that worked out.

John W

Hello,

In my case there was no malicious code embedded into the site, the code is loaded as a result of an embedded link generated from within the weather widget. Which then loads the Coinhive code into the pc/mac of the user, which proceeds to “steal” spare hardware processor capacity to perform its deeds….. end effect your pc/mac slows down without you knowing….

Well this is what i believe….

John W

Hello,

wpsolutions.

yes received email thank you, will think about that….

John W

Hello,

Just checked and today they seem to be coming from all over China and Russia, but previously i thought some were from Ukraine.

There is no common user agent string either.

Thanks

John W

Hi,

The issue is that they are using different IP’s, I suppose i could work my way through the 404’s and do it that way, but i was hoping for a more automated solution to try and put a temp block on for the time period set in AIOWPS, as these are probably dynamic IP which could be use by valid individuals at some time….

Thanks

John W

OK, Thanks for the quick response.

That has fixed it.

Thank You
John W

Thank You.

I continue to learn…… i am still relatively new to the WordPress environment, and it is good to know that the support is there and people are generous with their time.

However, from my perspective, i need to reassess how i deploy and test sites, with proven reliable plugins.

Thanks

John W

Hello,

Further to my last response if you want to read some pretty negative press about this developer read the following:-

https://www.ads-software.com/plugins/weather-for-us-widget/#reviews

When i downloaded this plugin these comments were not available….

Anyway. progress one more bad guy identified.

John W

Gareth,

Firstly, Thanks You for taking an interest in my issue, and doing all that work.

The issue was caused by a plugin for a Weather widget called Weather for us. Which i had on every page.
Based on your response, i remembered that one fo the tools i had used in the past was GTmetrix, to analyse the sites performance, but one of the things it does is list all the accesses both ways to and from the web server hosting the wordpress site. I found the associated request for the malicious URL within the GTmetrix “waterfall” page were it clearly showed the request and how long the process was taking, also slowing down he site… and as the weather widget was on every page it was not difficult to prove that this was in fact the cause of the Malicious code.

Once i removed the Widget from the pages the request to the URL stopped. I will check with my Hosting company, but i am confident it is sorted. thanks for your help.

John W