Malware Issue II

criminal-portrait-PDA while back, when I first started this blog, I had a malware issue.  I installed WordFence, and it worked great for a long while.

Just recently, I had another attack.  My hosting provider put my site on hold for a while so I could clean up the issues.  They also offered a ‘security 911’ option that I could pay for and get ‘out of jail’.  They also provided a list of ‘infected’ files that I needed to delete.  There were like 120 of them.

I proceeded to delete all of the files, and noticed that they had a common theme.  Most were *.php files.  The names indicated they were old files, like some plugin upgrade renamed them.  Many had the prevfix ‘prev’, or suffix ‘old’.

I deleted all of the rouge files and I am back in business.  If you had trouble with my site, I apologize.

Would a hosting provider ever purposely add malware or hold a site hostage?  I do not think so now, but it did cross my mind while I was attempting to delete over 100 files.  I have since read about the situation on the web and confirmed.  Since I had already upgraded my account when they shut it down, I do not think I was ever at risk.

I received this message from my hosting provider

“We wanted to let you know about a recent security vulnerability regarding the UpdraftPlus plugin for WordPress that you installed on your account.

More information about this vulnerability is available online:

http://blog.sucuri.net/2015/02/advisory-dangerous-nonce-leak-in-updraftplus.html

FOR YOUR PROTECTION …

We are in the process of upgrading your install to the patched version of UpdraftPlus, but now is a good time to ensure that your site is using the latest versions of all plugins or add-ons.

To be clear, the hosting platform was not compromised; as the security vulnerability regarding the UpdraftPlus plugin for WordPress became known, we simply took immediate steps to ensure the online safety of all our customers.

If you have any questions at all, please don’t hesitate to contact us:”

Have you ever had a malware issue?  Or any attack on your blog?

 

 

4 Replies to “Malware Issue II”

  1. Wow! That’s just charming.

    I get slews of spam attacks on my Adjunctorium site, to the extent that WP sends scores of messages reporting wholesale blocking. They seem to be trying that at Funny about Money, too, but so far Akismet seems to be coping there. In the past few hours, Akismet has derailed 740 spam messages at FaM.

    I see you’re hosted at WP.com. That’s interesting. I never had a problem like that when Funny about Money was hosted here, years ago. Came back for Plain & Simple Press because I needed to get the site online quicker than my Web guru could get it together…but find customer service here is nothing like what it used to be. You might want to consider moving your site over to BlueHost, where human beings will speak to you and don’t expect you to figure out hypertechnical issues on your own. It’s not free…but you get what you pay for, I guess.

    1. Thank you for the comment!

      I am actually at Ipage, not WP. I do subscribe to a ‘premium’ service for WordPress. They have been pretty good about taking care of many issues I have had over the past year, most of which have been self induced.

      I have been looking at BlueHost, just have not made the leap yet.

  2. I’ve been using Bluehost for years and for the most part have never had issues. Since they used shared servers, there have been times when my site is down because one of the other sites were getting attacked or having issues. It has never been down for an extended period of time, though, so I’ve stuck with them. They also have a great affiliate program so that has definitely motivated me to stick with them as well.

Leave a Reply