EntityRef php error

Home Forums BulletProof Security Pro EntityRef php error

Viewing 14 posts - 16 through 29 (of 29 total)
  • Author
    Posts
  • #2810
    AITpro Admin
    Keymaster

    The PHP Error log is just a text log file where errors are logged.  It does not do anything besides just existing as a text log file.

    #2811

    Security log is empty

    #2813

    We have had a quiet few hours so i’ll wait and see and do some more testing.

    #2817
    AITpro Admin
    Keymaster

    I just triggered a 403 error on beesoninc.com by attempting to access your Plugins folder and I was of course Forbidden by the Plugin Firewall.  Do you see that 403 error in your Security Log?

    #2819

    No i dont see any security log, its still empty

    #2820
    AITpro Admin
    Keymaster

    Ok then I need to log into this site and see what is going on.  Please create a temporary WordPress Admin login account for me (with a secure password: Example:  e@*g34!#9Ty4*!bf6) and send the login to edward at ait-pro dot com.

    #2821
    AITpro Admin
    Keymaster

    Actually I just scanned this website and it is hacked.  You need to restore this website from a good backup.  BPS Pro will not automatically clean up a hacked website.  In a previous Forum Post you sent me that session file.  This website is definitely currently hacked:  beesoninc.com.  My scanner shows that you have malware on this website.

    Please see this Forum Topic for websites that are already hacked prior to installing BPS Pro on them.

    http://forum.ait-pro.com/forums/topic/website-is-already-hacked-will-bps-pro-automatically-fix-or-remove-the-hackers-files-and-code/

    #2823

    Beesoninc.com was previously hacked on a previous hosting server. We just moved it to this new hosting last week with a clean install. If you did a scan you might have seen an old version of results.

    #2825
    AITpro Admin
    Keymaster

    This site is currently still hacked.  See this Sucuri Scan result

    http://sitecheck.sucuri.net/results/beesoninc.com

    #2826
    AITpro Admin
    Keymaster

    Ok actually I rescanned the website and I see what triggered my scanner to see malware.  The site did not return a malware warning on rescan.  Will log into the site.

    #2828

    Ok thanks for logging in. I now see your 403 error but thats the only error so far. I will keep an eye on that, and start testing the forms again.

    #2829
    AITpro Admin
    Keymaster

    After logging in I found that the Plugin Firewall was in Test Mode.  I turned Off the Plugin Firewall Test Mode, activated the Plugin Firewall and tested your Security Log.  Security errors are now being successfully logged.  The Plugin Firewall Test Mode is designed to send errors to the Plugin Firewall Test Mode Results box instead of logging them in your Security Log file.  So while you are in Test Mode you will not see any errors being logged in your Security Log file.

    I ran a couple of quick scans with the Pro-Tools String Finder Tool and the website does not contain any common patterns associated with malware or hacker files.

    I noticed you had the Status displays set to display in BPS Pro pages ONLY.  This is probably why you did not see the Status for the Plugin Firewall.  I recommend that you keep the Heads Up WP Dashboard Status display to display in your WP Dashboard.  This will prevent this kind of thing from happening in the future.

    I also added a skip/bypass rule for the Yoast WordPress SEO plugin to Custom Code and activated your wp-admin .htaccess file again.

    #2831
    AITpro Admin
    Keymaster

    I also visited your site with a different IP address using VPN Protection software and checked your entire site and your contact forms.  Everything is working perfectly.  Thanks.

    #2833

    Fantastic, thank you for all your help.

Viewing 14 posts - 16 through 29 (of 29 total)
  • You must be logged in to reply to this topic.