| Question: |
Hello tell me what to do . When you visit sites that are in my account from Google search , my antivirus complains and says that the Trojan, you can find out when it was infected? how did it happen? what should I do? |
| Answer: |
Hello. When was the contamination is hard to say. Please wait we will check your account for viruses. |
| Question: |
what do I do if there are viruses ? |
| Answer: |
please Wait, your account is verified. |
| Answer: |
Here the validation report: /public_html/AI-BOLIT-REPORT-__-970602-12-10-2016_22-39.html Download it, open and note the infected files. They need to be cleaned. Or open the link: http://webserfing.com.ua/AI-BOLIT-REPORT-__-970602-12-10-2016_22-39.html |
| Question: |
and backup sites clean? |
| Question: |
Can be rolled back? |
| Answer: |
in became the same file |
| Question: |
how to know when an infection has taken place? |
| Answer: |
review the dates the infected files |
| Question: |
if I created a backup from the panel , was then pumped through FTP archive. How do I correctly fill? |
| Question: |
Pour archive |
| Question: |
why as soon as I moved to Your hosting You promised me that constantly scan websites and in case of suspicion or detection of virus You are reporting. Why do You not even report the burglary and can`t focus when this happened? Why your leadership does not think about websites that are located near You. at the moment I`m on your hosting resulted in many sites. many of the clients I started just program. Now were going to have three more. last week moved out of my client who had you have more than 4 sites. It constantly broke. My sites are hacked regularly. Backup you do at the weekend and store at least two versions. If I don`t solve the problem with the infected will be forced to bring all the customers from You , they are in my account , affiliate program and those who wound up without . And the fact that You all say that the sites are vulnerable and you have infected and harmful software installed ...... All zhto clear .... My friends web masters You write one and the same , after moving these masters disappeared problems with hacking. Comes to a Conclusion that the three Webmasters that were formerly the sites You`ve been hacked, and at the other hosting already. Sites are not to blame blame the hosting. you can blame the problem on webmasters, but thank about your hosting is already going ahead . Think about it .... |
| Answer: |
the Hosting is irrelevant to hacked can not have if the site has a vulnerability . Sites need time to update and monitor the emergence of new vulnerabilities on the website of the developer. Anyone have any problems disappeared after moving? we know the hosting sites that do not pay attention to the break-ins, we often run with other famous hosting sites , and when checking it turns out that the site would be completely infected, and even hosting them were not informed about it, not speak already about that that there is no one sites are not checked. Before blaming the hosting you need to clean all the sites. study material https://revisium.com/kb/not_hosters_fault.html we see you have at least several vulnerabilities here`s an example virus /home/katya040/public_html/stomatologiya.dp.ua/wp-content/uploads/2012/12/page84.php for some prichny you allowed to upload php scripts? directory /home/katya040/public_html/stomatologiya.dp.ua/wp-content/uploads/2012/12/ the wordpress engine is designed exclusively for images. wp-content/ wordpress needs to be soon!! image! why don`t you set up a website that would allow Onna download php skripti? dalee /home/katya040/public_html/stomatologiya.dp.ua/wp-content/cache/supercache/eclipse-ua.com/dir58.php how long updated super cashe? https://xakep.ru/2015/04/07/wp-super-cache connect to sites service https://virusdie.ru/ and run the test. the service is free for the first day |
| Question: |
We can argue endlessly who is to blame... Then why not coming from you, messages or letters from that site hacked? it may take two weeks and no messages. If You are informed on time about the hacking website and it is infected (as You wrote You are constantly scanning All sites ) could be time to roll back . Why backup from Sunday? do at least one more at the beginning of each month. |
| Question: |
Here`s Your quote from our correspondence Software (and not even alone :) ), continuously scan all servers in a circle, as I just finished a scan, start a new one. Moreover You can scan:http://screencast.com/t/q1SG4ZR1C0hh27-10-2015 | 14:25:40 |
| Question: |
If Your anti-virus scan with messages that the site is infected? |
| Answer: |
antivirus just scans and eliminates viruses. antivirus works with all the files n6a severe. it is not known who owns which file, so soobshenia to send he can not function as additional skanowania you can vospolzovatya when you want , it`s completely free, other hosting this Daye do not offer. |
| Question: |
I didn`t do anything so as not to allow to upload php scripts , and your comment why you have not configured your site that he is not allowed to upload php scripts? Maybe my omission. But I cannot do it and, unfortunately, how to prevent the uploading of php scripts I don`t know. Themes I have purchased , only the official plugins were. How to make a ban I don`t know. |
| Answer: |
install plugins sanity to the site, which is forbidden to do |
| Question: |
what is sanity? it ? |
| Answer: |
sorry , typo - protection plugins protection |
| Question: |
clear |
| Answer: |
also can recommend to change the rights on folders and files for wordpress you can do so chmod-R a-w ./wp-content/
chmod-R u+w ./wp-content/uploads/
chmod-R u+w ./wp-content/cache/
chmod-R u+w ./wp-content/upgrade/
chmod-R u+w ./wp-content/gallery/
chmod-R u+w ./wp-content/wptouch-data/
chmod-R u+w ./wp-content/widget-cache/
chmod-R u+w ./wp-content/wpseo-import/
chmod-R u+w ./wp-content/thumbs/
chmod-R u+w ./wp-content/w3tc/
chmod-R u+w ./wp-content/aiowps_backups/
chmod u+w ./wp-content/*.php
chmod-R a-w ./wp-includes/
chmod-R a-w ./cgi-bin/
chmod-R a-w ./wp-admin/
find . -name `.htaccess` -exec chmod 0444 {} \\;
find . -maxdepth 1 -name `*.php` -exec chmod 0444 {} \\;
find . -name `index.php the` -exec chmod 0444 {} \\;
chmod 0444 wp-config.php
chmod u+w ./wp-content/plugins/all-in-one-seo-pack/all_in_one_seo_pack.log
chmod-R a-w sxd
chmod-R a-w myadmin phpMyAdmin myAdmin
find . -name `error_log` -exec chmod a+w {} \\;
find . -name `*.dat` -exec chmod a+w {} \\;
find . -name `*.ini` -exec chmod a+w {} \\;
find . -name `*.txt` -exec chmod a+w {} \\;
find . -name `*.log` -exec chmod a+w {} \\; you can do this for your website |
| Question: |
thanks, but as I understand it you first need to clean the sites, to heal. and then the right folder to prescribe . because backup is infected it is necessary to clean hands |
| Answer: |
you can clean it as indicated in the last report download files to your computer to scan it again with https://www.revisium.com/ai then connect to the site services https://virusdie.ru and scan them, install the recommended developer plugins protection be sure to change all passwords before doing this the passwords of users, administratorov password panel(ftp) delete unnecessary users from the site and ban registration |
| Answer: |
it is also possible to divide sites into multiple accounts |
| Question: |
thanks, I try |
| Answer: |
ok
|
| Question: |
tell me what you need in order to divide sites into multiple accounts |
| Answer: |
to register multiple accounts and transfer them to the sites. you can also take a personal vps server and migrate Saty on it spreading to the accounts |
| Question: |
Hello, can I ask You for help. You tell me above in the correspondence offered to change the rights to folders |
| Question: |
you can also recommend to change the rights on folders and fileds wordpress you can do такchmod -R a-w ./wp-content/chmod-R u+w ./wp-content/uploads/chmod-R u+w ./wp-content/cache/chmod-R u+w ./wp-content/upgrade/chmod-R u+w ./wp-content/gallery/chmod-R u+w ./wp-content/wptouch-data/chmod-R u+w ./wp-content/widget-cache/chmod-R u+w ./wp-content/wpseo-import/chmod-R u+w ./wp-content/thumbs/chmod-R u+w ./wp-content/w3tc/chmod-R u+w ./wp-content/aiowps_backups/chmod u+w ./wp-content/*.phpchmod -R a-w ./wp-includes/chmod-R a-w ./cgi-bin/chmod-R a-w ./wp-admin/find . -name `.htaccess` -exec chmod 0444 {} \\;find . -maxdepth 1 -name `*.php` -exec chmod 0444 {} \\;find . -name `index.php the` -exec chmod 0444 {} \\;chmod 0444 wp-config.phpchmod u+w ./wp-content/plugins/all-in-one-seo-pack/all_in_one_seo_pack.logchmod -R a-w sxdchmod -R a-w myadmin phpMyAdmin myAdminfind . -name `error_log` -exec chmod a+w {} \\;find . -name `*.dat` -exec chmod a+w {} \\;find . -name `*.ini` -exec chmod a+w {} \\;find . -name `*.txt` -exec chmod a+w {} \\;find . -name `*.log` -exec chmod a+w {} \\;you can do this for your website |
| Answer: |
you to change right now? |
| Question: |
can You do this for the site stomatologiya.dp.ua |
| Question: |
if you can, Yes, and tell other sites how can I do it? |
| Answer: |
ready |
| Question: |
Hello, can you help me in this situation. You I changed access rights for the site stomatologiya.dp.ua. Can you tell what rights need to prescribe a similar way to other sites. I want to do it with all my clients to not bother You. Sites are all on WordPress. to improve the safety |
| Answer: |
file permissions should be 644, folders 755. |
| Question: |
thank you |
| Answer: |
ok
|
| Question: |
tell me it was necessary to establish new rights on the folder ahosting, in order to not be hacked , can the code paste. Me on the website stomatologiya.dp.ua You have copied right now there on the folders are right 555. And the files 644, folders 755. kind of like the default in WordPress. so what do I assign rights to folders and files in order for when the idea could not insert malicious code? |
| Answer: |
the Rights to folders should be 755, file permissions 444, protect it from writing to the file, so you can protect the configuration file, if you have made changes to files, the rights for that is 644. |
| Question: |
why me then stomatologiya.dp.Ian folder, put the 555? |
| Answer: |
please Change them to 755. You yourself have not changed? |
| Question: |
no not changed. the situation is the following . I hacked sites and added code in the files. Your colleagues said. what this is because I have allowed the entry in the file , it is necessary to ban it and the problem is partly solved. because I never did asked to change the permissions for a site stomatologiya.dp.ua. It`s all written in this correspondence a little higher. I REALLY want to protect their sites, I have clients on other accounts you have. So I need the right approach. How to set access rights to folders and files that was not possible if hacked to add code. After all, when was the 755. me the code and ordered , apparently does not protect atacak to me then to be ? How |
| Answer: |
file permissions should be 644 folders 755, hacks being often due to the fact that the scripts sites have vulnerabilities through which catch these scripts. |
