username201701

I was able to fix the issue by restoring my website from backup. I discovered after the fact that Cloudflare was also doing maintenance around the time this happened, so it may have been caused by that.

Of course! Thank you for your quick response.

It’s also being flagged by WordFence:

• The Plugin “GuardGiant Brute Force Protection” has a security vulnerability. Type: Plugin Vulnerable
• Issue Found December 7, 2023 8:01 am Critical

I’ve discovered that it’s being deactivated by Really Simple SSL Pro with the following notice:

“This is the vulnerability overview. Here you will find current known vulnerabilities on your system.

GuardGiant Brute Force Protection – November 28, 2023 – medium severity”

However, no other information is given.

If you still face this issue, see this thread for the solution https://www.ads-software.com/support/topic/events-calendar-time-displays-in-military-time/

Figured it out: I hadn’t set the API to accept traffic from all websites.

My security plugin deactivates plugins with known vulnerabilities. When I reactivated your plugin I see that it is now at v2.9.2 – is this the latest release which has fixed the above referenced issue?

Thank you for your feedback @gappiah. You’ve answered my question on this topic. Marking it resolved.

Ok thank you for clarifying. Another developer built the site back in 2017. Since then, there’s never been an SMTP plugin being used with Google servers, and I had not noticed any email deliverability issues. However, I just looked in the “mail” folder in cPanel and I see numerous files in the “cur” folder that show that messages from the website weren’t being delivered to my gmail account. But some got through to my gmail. So I can only assume the reason it was not flagged sooner is because emails from [email protected] being sent to [email protected], for example, were going through without a problem.

Yes, the domain is now on 1 blacklist. What do I do? Does this mean that the domain is being spoofed to send fraudulent emails? How would I stop that? Thanks again.

I have never used an SMTP plugin for Google, I’ve had the appropriate DNS records set up and everything worked fine…until now. The hosting company said I’m trying to use their SMTP, but I didn’t make any changes for that to happen. Could the domain be hacked or is it being spoofed?

SiteLock said everything looks good and my hosting company said the folder is automatically generated by the LiteSpeed web server, so it’s safe. I’m going to close this thread thanks for the help!

Thanks @wfpeter the problem may have been with the Elementor plugin and WooCommerce exploit, which I read about after the attack. Can’t say for sure though because I had just updated plugins on April 1, after the supposed vulnerability had been identified (and fixed?). Another plugin that may have been an issue was the tooltips plugin I was using, from what I recall Imunify360 found the malware in that folder.

@dimalifragis yes, I was running Litespeed Cache. I found it suspicious that the file folder for lscache was in the home directory and set to 2770 even after I had deleted the plugin. I deleted that folder and my website automatically loaded faster. The folder came back so I thought maybe it was for server-side caching, but I still thought it was suspicious that it returned, so I deleted it again, and it’s again returned.

I have reached out to SiteLock to help clean the site only because Wordfence didn’t catch the exploit on the website in the first place, so I’m hesitant to pay for premium services. This is actually the 3rd site for me that’s been hacked with the Wordfence plugin protecting them.

Yes thank you! I found a pop-up plugin that works great. I tried a few and landed on this https://www.ads-software.com/plugins/popup-maker/ – it integrates perfectly.

I was able to create two popups, one with the button trigger and one with an entry trigger. They are styled the same so it looks like the same form with both triggers. When a user visits the site they see the pop up, and the button. They can click out of the pop-up and when they click on the button the “same” form presents. It works great.

I now have a question regarding size. I am using the responsive design mode with very little padding, but it’s still a little too big. I see that I can change the dimensions, however, I am using a Contact Form 7 embed so the styling is all wrong when setting fixed dimensions. I can’t figure out how to make it look good. Suggestions?

Thanks!

Great thanks! Is there a way the button can be hidden when the pop-up is open?