Jump to content

Archived

This topic is now archived and is closed to further replies.

quinntinm

One of my client websites was hacked.

Recommended Posts

quinntinm

Hi, i wanted to know if this was something that the guys at pagelines were aware of.

 

While i was away over the festive season and had limited internet access, I had 2 hacking issues from the same idiot on one of my client sites.

I am not sure how he got in, but after the first one i did a full site and db restore via my ISP and updated all the plugins except for the DMS theme and updater which i think was one update behind.

A few days later the guy got in again, i repeated all of the above and this time updated the DMS items as well and i am now all up to date.

 

This seemed to have fixed the vulnerability.

 

Was this picked up by anyone else using DMS?

 

I have no idea how to see where he got in, how he got in and to make sure it doesn't happen again.

 

Do you have any advice in this regard?

Share this post


Link to post
Share on other sites
Danny

Hi,

 

There are no known vulnerability in DMS, if any such vulnerability become apparent our developers would fix the issue immediately, and spam social media and write a blog post informing our users to update ASAP. If you have been hacked, it is likely through your server.

I recommend you contact your web host provider and inform them of this and ask them to investigate.


Please search our forums, before posting!

Share this post


Link to post
Share on other sites
quinntinm

Danny, can you tell me what the "Fixed Memtest" involved with the 1.8.5 update for DMS Professional Tools involved?

 

Share this post


Link to post
Share on other sites
Danny

As far as I am aware the fix simply fixed the issue that it was no longer working correctly. I have reached out to our developers who will be able to go into more detail. However, this is not the cause of the hack.


Please search our forums, before posting!

Share this post


Link to post
Share on other sites
Simon

Danny, can you tell me what the "Fixed Memtest" involved with the 1.8.5 update for DMS Professional Tools involved?

In a previous update I had inadvertently renamed the options in the pro tools, so the checkbox to turn on memtest stopped working, the update fixed that small issue.

 

As Danny already mentioned, there is no known issue or has there ever been a hacking issue with any PageLines product, if there was we would issue an update immediately and fully disclose it to all our customers.

 

You said you did a site restore of files and the database? Did you check the files for the backdoor? A site restore would not remove files they have added nor would it remove any new database options if you did a database restore.

 

You host may be able to look through the logs and find out how the backdoor was uploaded.

Share this post


Link to post
Share on other sites

  • Similar Content

    • Lisa Haran
      By Lisa Haran+
      Hi 
      I have a map here http://www.iloveoffset.com/maps/
      I want to add several pointer locations to the map, but when I do they do not appear.
      On this map there are 2 pointer locations and as you can there is only one visible.
      Earlier today I added 7 and could only see 4 so there is something odd going on.
      My theme is up to date
    • clj182
      By clj182+
      Hello,
      I've been having trouble unlocking the template section for past couple of weeks. When I try clicking nothing happens. 
      I've deleted my custom css and removed plugins. Im down to having only the following plugins:
      Akismet
      Contact Form 7
      DMS Professional Tools
      Pagelines Updater
      WooCommerce
      It was working fine before i have no idea what's going on with it.
    • flourishdesignstudio
      By flourishdesignstudio+
      My DMS 2 site http://www.heart-stone.com/ will not save any new custom css... I can still edit templates and publish those but any custom css that I enter never saves.
      All WP files, themes, and plugins are up to date. 
      Any thought about what might be causing this?
    • flourishdesignstudio
      By flourishdesignstudio+
      Is there a way to edit the custom CSS via FTP? I know I can edit the custom code in the Chrome editor but is there a file path I can use to find and edit the CSS directly from our FTP?
      Thanks in advance for the help!
    • nizami
      By nizami+
      Using navbar section with correctly configured WP menu to display main navigation at https://elenaangel.com. 
      All fine in desktop viewport. Menu displays twice in hamburger mode. How to fix this please? 

×