Well thanks to some low life I had my best performing blog attacked and rendered useless overnight. The offender has somehow got into Go-Daddy and infected self hosted wordpress blogs.
I did the right thing and uninstalled the blog and then did a complete re-install and still infected.
The way I removed the offending source code script "cechirecom/js.php" was to go through and deactivate all my plugins. I then edited the plugins and remove the top source code that looks like this.
"php /**/ eval(base64_decode("aWYoZnVuY3Rpb25fZXhpc3RzKCdvYl9"
That code is about twenty sentences long.
It will be in your plugins code and theme code php files right at the top.
If your infected you will see the code above the bottom body tag. Go to your blog, right click and view source code. Scroll to the bottom and hope like hell you do not see the script.
There is more information at http://www.wpsecuritylock.com/cechrieco … ase-study/
hmm, not sure if I did the right thing. I just renewed my domain name and set up hosting with godaddy. and installed the wordpress
2.9.2 publishing platform. I don't think that's what I intended to do!! I wanted the traditional Wordpress download for my site.
now what??? does anyone use this?
Thats correct - you one click installed rather than downloading direct from wp.org and ftping to your directory
most people who self install - fail to set up strong security keys, the one click incorporates those steps
I don't remember before my URL being: _____/wordpress. it was just my name.com. I guess I'm confused.
Probably wasnt - you will have to uninstall - then reinstall- this time with the directory left blank. I think GD autosuggest a wordpress folder for you
actually I think I need to go jump in the pool, it's making me crazy. now it keeps saying authentication failed and I'm entering the exact customer # and password. I haven't used godaddy before. if there are problems there... geez.
I wasnt to happy the first time I tried to get Wp install up through Gdaddy - eventually, I just called! , the tech support for little things like a wp install is not bad - they usually try and upsell you but that is easily shrugged off (the over the phone deals can be pretty good though)
A pool huh! ...its like 50 here in nY - wacky weather -no May flowers or at least they are getting frostbitten now.
it's nerve wracking... I finally got in. I was capitalizing a letter... but when I uninstalled it, it still hasn't uninstalled, it's still showing installed. it's comforting to know you also had problems, now I don't feel so tech-challenged.
so, yes, it's time for a swim. it's 81, sunny, I should have been out there this afternoon..
I used to live outside of Albany, we only stayed 2 years. I couldn't believe how long the winters were, oct -may, there was snow on the ground. now I'm spoiled big time. I'm cold in 50 degree weather.
well im worried because the snow didnt hit until dec/jan - does that mean cold weather til june/july! ?
Ill be a west coaster soon enough
but as for the techy part - it can take as long 12 hours for your "request to be processed" its usually done within an hour though.
Forget about it and go to the pool! should be sorted out by the time you return.
aarhhhhhhggg. I don't think I like godaddy! I uninstalled and reinstalled the wordpress 2.9.2. received the email with the link to what is supposed to be my site and it doesn't work!!! I already paid for a year of hosting and I can't get to the WP site.
edit, i finally got it figured out. thanks for helping SF.
I still have a couple of dozen live sites on my godaddy hosting - nothing seems to be off with them.
What gives you the impression that "go-daddy" self hosted blogs were attacked and infiltrated - rather than YOUR self hosted blog on godaddy hosting was infiltrated?
Was there a notification - I would be mad cuz I didnt get any email or notices!
What plug-ins were you using? have you been updating your wp install to keep up with security fixes?
I don't use Godaddy for my selfhosted blogs. I use bluehost.
Good for you! Congrats! Awesome! Very good to know!
@terry, I am reading your past post (http://hubpages.com/forum/topic/43093#post996571) about the malware infection across godaddy - fort knox huh! - sounds nasty
Must admit, Im more concerned that the military/government is using shared hosting at a commercial host - I would have hoped they ran their own secure servers
I read the link you posted and it seems tha tmost of the people infected had poor security measures up, however it also says your website can be rolled back to before the infection.
I am in the process of leaving servage after the messed up again, however thanks to them one of my highest earning websites got knocked down and never recovered in Googles rankings.
I am currently moving my hosting to hostgator, my domains to GoDaddy.
I don;t host on Godaddy. Actually I moved out of Bluehost, too - since they implemented CPU throttling. Every single one of my sites appeared to be too heavy for them...
Bandwidth bandits are prolific too!
My daughter is re-hosting her subscribers yet again because of the difference between stated cpu and bandwidth she paid for and what they could actually deliver.
They all offer high figures, most of it based on people failing to use use what they have paid for to carry the load for the bigger users.
It seems if you really need good hosting it costs a packet!
So where did you go? I have everything with Bluehost. For me it is fine as I'm so little
I went to several places including a couple of instances of Hostgator and Pronet.
by Connie Smith3 years ago
I need serious help! I am taking a web design class and my final project -- due in TWO weeks -- is my website, done through Dreamweaver. I do NOT want a free site. I plan to use the site so want a good...
by Christina6 years ago
Okay, I will try to explain this as best as I can....I have a wesite. I also have a program that I purchased online that submits my websites to 200 of the top serach engines in 6 different countries. I have...
by Shadesbreath5 years ago
I bought a Godaddy domain (so don't tell me that was dumb, because it's already paid for, so it doesn't matter if you agree or not with that choice lol).So, should I use their hosting ($2.99 a month if I pay 36 months...
by Dorsi Diaz4 years ago
I got my name domain yesterday and am going to give this another shot. The hosting by GoDaddy is OK but too generic looking for my tastes. What is the best place to host your website in terms of ease of use and ability...
by leigia6716 months ago
I am considering creating a web site and would appreciate comments/suggestions. I am fairly new to this and the only web hosting/creation site that I know is godaddy.com but I am sure there must be more.
by Dorsi Diaz7 years ago
I've tried this twice before, once through Yahoo (mistake) and once through VistaPrint (another mistake and they now have my name hostage). I once had a great site that a webmaster maintained for me and that was a good...
Copyright © 2016 HubPages Inc. and respective owners.
Other product and company names shown may be trademarks of their respective owners.
HubPages® is a registered Service Mark of HubPages, Inc.
HubPages and Hubbers (authors) may earn revenue on this page based on affiliate relationships and advertisements with partners including Amazon, Google, and others.