xsiv
Forum Replies Created
-
This plugin was my choice for all the sites I build. Now Im getting these popups.
How do I disable the popup from the dashboard?
Why build this plugin with popups with we have widgets on our dashboard.
I won’t be using this plugin anymore. it’s full of bloat now ??
DisapointedForum: Plugins
In reply to: [Meks Easy Photo Feed Widget] Error message after deleting pluginI am having the same issue after not be able to get it to work. The Plugin has been working. but suddenly Stopped.
We should be able to hide the warning. Just sorting out the code for this. i will let you know how i get onim sure the above is a block while on learning mode?
Malicious File Upload
Hi All
So I decided to use agent ransack to scan through my files and look into my SQL database. I used all in one wp migrating to download the site and used a program called Traktor to extract the backup.I look for expressions of wp-file manager within the SQL database
I found this. is it whitelisted in wordfence ?? I’m not sure or has this been blocked and its a log ?
DROP TABLE IF EXISTS
SERVMASK_PREFIX_wfhits
;
CREATE TABLESERVMASK_PREFIX_wfhits
(
id
int(10) unsigned NOT NULL AUTO_INCREMENT,
attackLogTime
double(17,6) unsigned NOT NULL,
ctime
double(17,6) unsigned NOT NULL,
IP
binary(16) DEFAULT NULL,
jsRun
tinyint(4) DEFAULT ‘0’,
statusCode
int(11) NOT NULL DEFAULT ‘200’,
isGoogle
tinyint(4) NOT NULL,
userID
int(10) unsigned NOT NULL,
newVisit
tinyint(3) unsigned NOT NULL,
URL
text,
referer
text,
UA
text,
action
varchar(64) NOT NULL DEFAULT ”,
actionDescription
text,
actionData
text,
PRIMARY KEY (id
),
KEYk1
(ctime
),
KEYk2
(IP
,ctime
),
KEYattackLogTime
(attackLogTime
)
) ENGINE=MyISAM AUTO_INCREMENT=266 DEFAULT CHARSET=utf8;INSERT INTO
SERVMASK_PREFIX_wfhitsVALUES (220,1600130197.644300,1600130196.513430,'\0\0\0\0\0\0\0\0\0\0??4?“a',0,404,0,0,0,'https://mydomain//wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php','','curl/7.68.0','learned:waf','Malicious File Upload','{\"learningMode\":1,\"failedRules\":[11],\"paramKey\":\"xxxxxxxxxxxxxxx changed info\",\"paramValue\":\"xxxxxxx=\",\"category\":\"file_upload\",\"ssl\":true}');
Hi I was just going to post a question about wp-file-manager
I know this plugin has a massive vulnerability to give hackers access to ur domains root director.I have seen the same thing on my firewall. With random people bots been blocked from uploading wp-filemanager
One thing I found interesting, I could see it been hit and blocked in my wordfence
I check the file location and I could not see it there.
I did a search on the root of my server and found wp-file-manager-pro in 2 directories. This was never installed by me as i like to use filemanager
I deleted it and refreshed the file manager ? found the folder in my uploades area not plugins.
This folder wp-filemanager-pro came back every time I deleted it
I renamed the file then set permissions to 0000. Then I deleted it again after about 30 min it came back with the new name. I watching the live traffic on wordfence to see if I could spot any uploads. but nothing
All passwords were reset for the 2 domains.
2fa for the server access etc.
I found inside the wp-file-manager-pro upload 1 file with no extension no permitions etc called fm_backup – inside this were 2 more files
index.php and index.html.I managed to zip them up and download them.
after that. the files inside the directory fm_backup disappeared. As someone deleted them. even when I have 0000 permission on the main wp-file-manager-pro
running wordfence premium on both sites and set monitoring to all traffic.
I hope it’s not an inside job from the host. as they were trying to sell me an overpriced security upgrade. 300usd per-domain.thoughts
You can set the security to xmp-rpc in file manager to 0000
i think that should workHi John, great plugin,
im trialing the demo, so far its looking good
https://173.254.18.185/sharpimagery/social/i will be looking at getting the pro version ??
hi John. I have been looking for a insta plugin that removes the white background. My new site im making for a friend uses dark background colours. whats the highest resolution we can pull the images through as ?
many thanks
si
Forum: Plugins
In reply to: [Sticky Popup] Shows home page instead of contenti used the built in form, got a tone of spam,i suggest using formidable. it works great with reCAPTCH, all tho u need to use short code to insert it
Forum: Plugins
In reply to: [Sticky Popup] Shows home page instead of contentthank you so much Neezurft, you solution worked ??
Forum: Plugins
In reply to: [Sticky Popup] Shows home page instead of contentThanks for the info , how did u clear u cache ? i dont use wp super cashe etc
Forum: Plugins
In reply to: [WordPress Button Plugin MaxButtons] Disable max button on mobile sitethanks ??
Forum: Networking WordPress
In reply to: Multi Site for absolute beginnershey mate,
who are u using for hosting. u need to go to the domains area of ur host, click add domain, put the name in, sub.mydomain.com
make sure the tick box is set for sub domain, set the folder location and ur doneForum: Plugins
In reply to: [Sticky Popup] Shows home page instead of contentstill looking for a solution, i be happy to pay to find a fix for this.
Forum: Plugins
In reply to: [Sticky Popup] Shows home page instead of contentAny Information on resolving the home page displaying instead of the contact form would be greatly appreciated. its a great plugin i just need it to work.