Malware problems
Posted: November 30th, 2011, 8:06 amIt may be too late to track this down now, but I wanted to mention the problem in case I've missed something.
I've had issues with malware on my s2member powered site. The first time was about a month ago and was resolved with a simple re-install of wordpress. Then again yesterday which required a backup restore.
It didn't seem too sophisticated, and was adding a long encrypted section of code after the /html tag on each page. It first came to my attention when my SSL was broken on sign-in pages. Then I discovered that Google had flagged it too.
I've temporarily disabled my s2member until I have some clarity on the cause.
Here is the malware notice from Google.
http://www.google.com/safebrowsing/diag ... ademy.com/
The website is using latest version S2Member Pro (111105), and the latest versions of WP (3.21)+ BuddyPress (1.51). The site uses the Buddy Press template. The only other plugins were Secure Wordpress (2.0.6) and PollDaddy (2.0.11). We have around 250 paid level one members, 4 authors, and one admin.
I know it may be hard to diagnose now that it's cleaned up, but any guidance would be helpful.
My only theory is that some whole opens up when using s2member with BuddyPress, but I see no similar issues in the forums.
I've had issues with malware on my s2member powered site. The first time was about a month ago and was resolved with a simple re-install of wordpress. Then again yesterday which required a backup restore.
It didn't seem too sophisticated, and was adding a long encrypted section of code after the /html tag on each page. It first came to my attention when my SSL was broken on sign-in pages. Then I discovered that Google had flagged it too.
I've temporarily disabled my s2member until I have some clarity on the cause.
Here is the malware notice from Google.
http://www.google.com/safebrowsing/diag ... ademy.com/
The website is using latest version S2Member Pro (111105), and the latest versions of WP (3.21)+ BuddyPress (1.51). The site uses the Buddy Press template. The only other plugins were Secure Wordpress (2.0.6) and PollDaddy (2.0.11). We have around 250 paid level one members, 4 authors, and one admin.
I know it may be hard to diagnose now that it's cleaned up, but any guidance would be helpful.
My only theory is that some whole opens up when using s2member with BuddyPress, but I see no similar issues in the forums.