- This topic has 9 replies, 2 voices, and was last updated 15 years, 6 months ago by imported_Ryan.
-
AuthorPosts
-
May 24, 2009 at 3:11 am #829BrianAdkins6300Member
The website is http://www.wafflecabin.com
I cant edit everything on the multi-levelnavigation sheet except this first part,
#suckerfishnav {
background:#ffffff repeat-x;
font-size:3px;
font-family:verdana, Georgia,Times New Roman, Tahoma,sans-serif;
font-weight: bold;
width:99.8%;
}I have no idea why this is. The rest of the code I can edit and it changes the style of the menu bar, but with this first part of the code, when I change the font size, font family, background, ect. it makes no change after I edit it. I can put the font size as 100 and it will still stay the same as the way it is on the webpage now. The whole code is,
#suckerfishnav {
background:#ffffff repeat-x;
font-size:3px;
font-family:verdana, Georgia,Times New Roman, Tahoma,sans-serif;
font-weight: bold;
width:99.8%;
}
#suckerfishnav, #suckerfishnav ul {
float:left;
list-style:none;
line-height:28px;
padding:0;
border:0px solid #aaa;
margin:0;
width:99.8%;
}
#suckerfishnav a {
display:block;
color:#660000;
font-weight:
text-decoration:none;
padding:0px 36px;
}
#suckerfishnav li {
float:left;
padding:0;
}
#suckerfishnav ul {
position:absolute;
left:-999em;
height:auto;
width:101px;
font-weight:normal;
margin:0 0 0 28px;
line-height:1;
border:0;
border-top:1px solid #666666;
z-index:1000
}
#suckerfishnav li li {
width:99px;
border-bottom:1px solid #666666;
border-left:1px solid #666666;
border-right:1px solid #666666;
font-weight:
font-family:Tahoma,Times New Roman,verdana,sans-serif;
}
#suckerfishnav li li a {
padding:4px 10px;
width:80px;
font-size:12px;
font-weight: normal;
color:#dddddd;
}
#suckerfishnav li ul ul {
margin:-21px 0 0 100px;
}
#suckerfishnav li li:hover {
background:#9C1F1B;
}
#suckerfishnav li ul li:hover a, #suckerfishnav li ul li li:hover a, #suckerfishnav li ul li li li:hover a, #suckerfishnav li ul li li li:hover a {
color:#dddddd;
}
#suckerfishnav li:hover a, #suckerfishnav li.sfhover a {
color:##660000;
}
#suckerfishnav li:hover li a, #suckerfishnav li li:hover li a, #suckerfishnav li li li:hover li a, #suckerfishnav li li li li:hover li a {
color:#660000;
}
#suckerfishnav li:hover ul ul, #suckerfishnav li:hover ul ul ul, #suckerfishnav li:hover ul ul ul ul, #suckerfishnav li.sfhover ul ul, #suckerfishnav li.sfhover ul ul ul, #suckerfishnav li.sfhover ul ul ul ul {
left:-999em;
}
#suckerfishnav li:hover ul, #suckerfishnav li li:hover ul, #suckerfishnav li li li:hover ul, #suckerfishnav li li li li:hover ul, #suckerfishnav li.sfhover ul, #suckerfishnav li li.sfhover ul, #suckerfishnav li li li.sfhover ul, #suckerfishnav li li li li.sfhover ul {
left:auto;
background:#e0dcc5;
}
#suckerfishnav li:hover, #suckerfishnav li.sfhover {
background:##999967;
}Thanks for helping me out with this.
May 24, 2009 at 6:26 am #6256imported_RyanMemberI can’t see any way in which that could happen sorry.
The whole CSS is stored as a single option in WP, it’s not stored in separate chunks.
May 24, 2009 at 6:29 am #6257imported_RyanMemberIt looks like your WP database has been hacked … http://wafflecabin.com/wp-content/plugi … /style.php
I doubt the plugin has been hacked, because what they’ve done is actually pointless. It is most likely a hack from elsewhere which has infiltrated the options part of your WP install and posted a bunch of spam in there and they’ve randomly inserted it into the option which this plugin uses to store it’s CSS data.
May 24, 2009 at 6:31 am #6258imported_RyanMemberYou have a whole stack of spam links on the main part of your site too.
May 24, 2009 at 9:24 am #6259imported_RyanMemberYou may have been hacked because you were using an old version of WordPress:
[code:3jqzhetn]<meta name="generator" content="WordPress 2.6.5" />[/code:3jqzhetn]I haven’t heard any reports of security problems with the 2.6.x line, but that is certainly a possible cause of your problem.
May 24, 2009 at 9:27 am #6260imported_RyanMemberYou may find this useful … http://ocaoimh.ie/exploit-scanner/
May 24, 2009 at 1:38 pm #6261BrianAdkins6300MemberHi Ryan,
I think you’re right. I can’t update the regular style sheet of the page, or it brings me to a page with 2 random text boxes and an authenticate button, so I can’t even update the regular CSS now. Where do you see these spam links?
When you say what they have done is pointless. What exactly do you see they did? Where do you see it?
Thanks Ryan
By the way. When I go into the style.php in my host, I don’t see all those links that are placed above all the code like the link shows when you click on it in here.
May 25, 2009 at 7:00 am #6262imported_RyanMemberThe style.php file itself is just a PHP script, there is no CSS in it. It grabs the CSS from the WP database, which seems to have acquired a large amount of spam.
There is a whole bunch more spam lodged into the pages themselves too. You can see it directly below the </body> tag. It’s impossible to know where it is coming from without seeing the template files themselves.
You really should fix this ASAP. This is a major security breach and they could be doing all sorts of nasty stuff to your server right now without you being aware. Not to mention your search engine rankings taking a nose dive due to the PR that’s being siphoned off.
May 25, 2009 at 2:10 pm #6263BrianAdkins6300MemberDamn, Yeah now I see it all. You have any suggestions on getting rid of this? That anti-spam program I tried did nothing. It didn’t point out any of those spam links or where to fix them. Let me know if you have any suggestions on where I should go to delete this crap. Thanks Ryan.
Looking now, it actually happened to every wordpress page we have on our host…christ.
May 26, 2009 at 5:50 am #6264imported_RyanMemberYeah, if it happens to one then there is a reasonable chance it happened to all of them. The best approach is just to wipe everything and reinstall it all from scratch.
Make sure that you actually delete everything and check that there are no files left at all. Don’t just write over the files and hope for the best as there may be hidden scripts which check for file rewrites and reintroduce the spam again.
Oh, and don’t forget to wipe the database obviously since the spam seems to be in there too.
And change all of your passwords as well. They have access to your encryped passwords, plus they have the salts, hashes etc. for them too.
Basically, you need to start from scratch.
-
AuthorPosts
- You must be logged in to reply to this topic.