Muge

@mrtom414 Sorry, I am just seeing your question.
Yes, I succeeded getting rid of the malware after 3 months struggle as they kept re-appearing regardless of cleaning, re-installing wordpress, and using malware software, blockers, you name it.
I did a clean slate. I had about 40+ websites and some have time difference between North America and Europe. YET, I took them all down. Cleaned the websites and child-themes folder-by-folder AND file-by-file. The malware was getting in even into the wp-config.php file.

If mega companies can take their websites down (temporarily), so can I — that gave me some courage.
Started from the most important websites and put them back one-by-one. There was no other way. All WordPress and plugins were clean installed. Databases were not affected.

Just a little warning: when I say, take down the website, one has to be very strategic and careful.
I ftp’ed all I can from the website ‘as is’, except for WordPress and the plugins. You can’t use Duplicator plugin.
Cleaned the sites up ahead of time. Everybody had to stop working or adding stuff. When it came to ‘clean slate’, it was sudden.

It was crazy work. It worked though.
I also took hard preventive methods. Check WordPress securities on what to add to your htaccess files, use softwares. I like WP Cerber plugin. As to Admin access to WordPress, I added IP restrictions so only limited people can access, etc.
So far so good.

• This reply was modified 3 years, 5 months ago by Muge.
• This reply was modified 3 years, 5 months ago by Muge.

@govindvkumar The ‘blog’ folder is automatically created due to some malware. It may also have a ‘forum’ folder or something else that is not part of WordPress install.
I am dealing with this problem for months now. You may also find files with scrambled names (similar to 0jtcpann.php,7jimqxji.php, 7m7s6k6m.php, and so on). Or you may find an index.php file created arbitrarily inside your .well-known, cgi-bin or inside your uploads folders. See if you have any of that happening.
This is the most difficult malware I have dealt with so far. It came during a migration of the website.

I passed your message over.

Cheers.

@socialdude
Thank you!

Corrected.
Sorry for the glitch. My head is spinning from all the install/uninstall, testing.. emails, clients..

Much gratitude and respect to you, Plugin Author ??

Hi John,

I am very sorry for my delay in re-evaluating your plugin. Just last night, I finished some project and thought in getting back to you this morning.
I really like your plugin. It was fantastic to begin with. Just the little glitch turn-around bothered me as I came across with many WP plugins that are being pushed out there with inferior quality and not ready at all. Or some are totally commercial traps and our waste of time even going through the whole ordeal on testing and testing, nevermind the big problems they can also cause to our WordPress installations.

Yours is by far one of the superior ones. Thank you.

The link by Andrew worked. I was able to change my rating and comment. Sorry for the commotion. Thank you again and best wishes!

@jan Dembowski I see I cannot change my rating. Can you suggest a way please?

@jan Dembowski I think I said that I did not know where to report bugs. Never opted using WP before. If I had given 5 stars, that would have swallowed away my testing. I am giving it my time too as a tester and possible customers. Thanks.

@pluginauthor again my apologies for the rating it will change shortly anyway. Sorry for the shock. It truly is a great plugin and your work is much appreciated.
Now to my latest testing:
#1 You were right about the Admin and Client emails. Sorry… this time the client email didn’t work. Admin received email.

#2 Works great. Thank you for the update, you guys are like spit fire. I also realized you made some updates to the payment.

#3 Since I didn’t receive a client confirmation email, I do not know of the ‘Request Cancellation’ is working.

Sorry, I did not have the chance to check out again. Need to install and go through steps again but been busy with IT holiday demands. Will do so at the earliest.

I can’t seem to reply there. I posted a reply to your questions, but it is not showing up.

Dear socialdude,
Being in IT myself, I know all our difficulties and I have an extra span for our community. I see us as peers. The plugin itself, your design is fantastic! But as I started tweaking things around to make it work for my website standards, I started seeing the sneaky pitfalls of your design.

-First, the signup letter goes ONLY to your site. There, you have your own blogs that the user follows, which never gets returned to our own site. Meaning, according to Google SEO standards, your plugin discounts the longer stay on the source site by being redirected to an outside website where the person is rather held back. That’s why I called it ‘stealing’.

-Second, I tried redirecting the signup procedure to my own site by going into the codes. I changed all redirects away from ‘specificfeeds.com’. I was going to leave your redirect address only as a reference, since you are the creator of this plugin and certainly need to be credited for.
The email link continued redirecting me from which I found you have added a non-obvious, I forget the technical name for it now, but it is some encrypted link still forwarding to ‘specificfeeds.com’ site.

-There is an available slot for manually configured social media link in your content management, but the ‘Email’ icon which cannot be moved from the very top (or first), gives the impression that the signup belongs to the source website, NOT to where it is being redirected.

-Then I decided not to waste more time on a plugin that is meant to put up a few social media images and links supposedly linking to our social media sites. I could not deactivate and uninstall it from the dashboard. I went through my FTP platform to remove the plugin. I also read a review that someone else had the same problem with uninstall.

-I wanted to access your rating system, but had to do a turn around through WordPress in order to post.

If you can suggest a way to NOT link the email icon to the ‘specificfeed.com’ site, I would be happy to give your plugin another try.

Don’t worry about vertical too much. Check their follow me ‘Email’ icon.. and it ALWAYS goes to their site. Google rates you by Social Media coming to YOUR site. If you pass it on to them… your traffic will go to these guys.. and believe me.. adding a few images with links to your Social Media is no big deal. DELETE them if you can. If you cannot, I am happy to assist you. Install a file transfer commodity, like Filezilla or whatever you feel you can trust, and press the delete button inside >wp-content >plugin > Ultimate Social Media Icon Plus. They don’t deserve to be on WordPress for their unethical practices. Wasted my time with these guys supposed plugin…