Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
|
New Webmasters ask "How-To" questions here. This is where other fucking Webmasters help. |
|
Thread Tools |
09-15-2010, 03:33 PM | #1 |
Registered User
Industry Role:
Join Date: Nov 2009
Location: Las Vegas
Posts: 18
|
What kind of malicious code should I be on the lookout for in WP themes?
I'm looking through a few WordPress themes for any malicious code. I'm on the lookout for encoded / encrypted code, and any obvious things (like changing emails, accessing unnecessary db records, sql injections). However, I'm not sure what subtle function calls to look for. I'm thoroughly familiar with programming and php, but not so much with the WordPress functions.
Any ideas? Thanks, Chris
__________________
65% Revenue share with NO Pre-checked Cross-Sales - DirtyHardCash FHGs | Morphing RSS Feed | ICQ 586-006-959
|
09-16-2010, 12:15 AM | #2 |
Confirmed User
Industry Role:
Join Date: Aug 2008
Posts: 131
|
Few days back, my non-adult WP site was infected with a malicious code. I only realized it when I opened my site and it was redirecting to some site in Russia. In my next attempt, I somehow managed to check the source code of my site before it could redirect and immediately informed my host. Host found the malicious code and immediately removed it. There was a huge dump of malicious code in the footer of the page.
Luckily, no sensitive information was transmitted as I use OpenDNS. When I checked the OpenDNS logs, I could literally see the entry as blocked. If I hadn't been using OpenDNS, any sensitive data could easily have been transmitted. So far, I have found no traces as to which plugin or theme this infection came from. So its a bit difficult to answer your question. But may be you can get more information on this in the WP forums. |
09-16-2010, 01:08 AM | #3 |
Confirmed User
Industry Role:
Join Date: Sep 2010
Posts: 92
|
There are a couple of security plugins that may remove that shit. Try "Secure WordPress" and "WP Security Scan".
Get them @ wordpress.org You should NEVER install free themes found on forums or on other free download sites. I suggest you buy a theme from a site like Themeforest.net and get one of the more popular themes that is updated regularly. One other thing that is helpful and that is to rename Admin to something completely different. |
09-16-2010, 01:54 AM | #4 |
Confirmed User
Industry Role:
Join Date: Aug 2008
Posts: 131
|
Forgot to attach the screenshot.
Apart form MrRob's suggestions and for added safety/security, you can also try to use the OpenDNS which blocks transmitting of any sensitive data just in case your site or any site visited is infected. |
09-16-2010, 05:22 PM | #5 |
Registered User
Industry Role:
Join Date: Nov 2009
Location: Las Vegas
Posts: 18
|
Thank you for the responses, guys. I will check out the WP plugins and OpenDNS.
__________________
65% Revenue share with NO Pre-checked Cross-Sales - DirtyHardCash FHGs | Morphing RSS Feed | ICQ 586-006-959
|
09-17-2010, 03:07 PM | #6 |
ICQ:649699063
Industry Role:
Join Date: Mar 2003
Posts: 27,763
|
I suppose you shouldn't check for problems yourself. Get the program that checks for problems.
__________________
Send me an email: [email protected] |
09-18-2010, 07:49 AM | #7 |
Confirmed User
Join Date: Jul 2004
Location: Ohio
Posts: 293
|
You should also look over this Theme Authenticity Checker plugin
|
09-19-2010, 01:22 PM | #8 | |
Too lazy to set a custom title
Industry Role:
Join Date: Dec 2009
Location: Google
Posts: 12,403
|
Quote:
__________________
Most Affordable Firewall & Malware Protection for Linux Servers |
|
09-20-2010, 08:09 AM | #9 |
Too lazy to set a custom title
Industry Role:
Join Date: Mar 2003
Location: Homeless
Posts: 62,911
|
Believe it or not, it is usually best to buy a theme..
__________________
PornGuy skype me pornguy_epic AmateurDough The Hottes Shemales online! TChicks.com | Angeles Cid | Mariana Cordoba | MAILERS WELCOME! |
10-01-2010, 02:20 AM | #10 | |
Confirmed User
Industry Role:
Join Date: Aug 2008
Posts: 131
|
Quote:
|
|