Into The =PiT= • Website Security Issues

Website Security Issues

Posted: Tue Jun 26, 2018 2:47 pm
by Saratoga
Heya's fraggerz, taxdodgers and code pirates...

I'm making a WP site for a friend and having some security issues/shiz.

A couple friends checking it out (testing) have said their ips blocked them or reported as malicious.... others had zero issues and successfully used every booking/reservation component.

I've been using Virustotal.com and made progress thus far, but can't sort this last bit as to why or where from this other server shiz is from... that is in the return header.

Like that server IP ? - WTF did that come from ?
Site is hosted on Hostgator... is like the 10th-12th site I've done... never had this before.

Yes, I've done the disable plugins, changed themes, changed WP install directory, changed themes again...

Of course a css haxaround is a suitable resolution I'd take on board if you can haxitup.
(n00b me limited to basic css skilz.... still - roflz)

Any Ideas ???

Cheers
Toga
-------------------------------------------------------------------------
HTTP Response
Final URL
http:// *hidden by Toga for privacy - please pm for url if req.
Serving IP address
50 dot 87.149.43
Status code
200
Body length
91.25 KB
Body SHA-256
6e789f75ac5fa2e0ad90961ba13acdfe48920550301d23729d1b2d5c24f593b8
Headers

connection: keep dash alive
content / type: text = = = html; charchoalset=UTF-8
date: Tue, 26 Jun 2018 04:05:50 GMT
server: n g i n x / 1 . 14.0 -spaces between characters
transfer-encoding: chunked

Posted: Tue Jun 26, 2018 2:48 pm
by Saratoga
Hehehe.... didn't like the content.
Had to do the highlighted edits to make post.

Posted: Tue Jun 26, 2018 5:11 pm
by INKoRP
Can you get them to send screenies of exactly what their browsers are saying? Be sure to include the address bar and any part of the UI that deals with SSL (Security Certs or Padlock icon etc)

Posted: Tue Jun 26, 2018 5:24 pm
by Saratoga
I've not set up an SSL... the only screenie is from a phone
Attach853_20180626_090758.jpg

I'll pm you the full url

Posted: Tue Jun 26, 2018 5:38 pm
by INKoRP
I'm almost 100% sure it's because of the lack of SSL Certification. If they click that "not recommended" option it should let them see it. It's likely a default browser security setting that stops you accessing sites that don't encrypt data you send to it (Like smaller newer sites etc.)

For the record it opened fine on mine, no issue other than an FYI from the browser about the SSL Cert. (It didn't hit Red Alert :D)

Posted: Tue Jun 26, 2018 5:41 pm
by INKoRP
Firefox and Chrome open it fine, Explorer had a meltdown but by clicking the same thing Disregard thingo I mentioned earlier it went through fine.

Posted: Tue Jun 26, 2018 5:46 pm
by INKoRP
As a rule of thumb not using SSL is a bad idea, especially if you're internet banking etc where sensitive data is being passed back and forth, but if you're sure of the source/data like that most likely is it's fine.

Posted: Tue Jun 26, 2018 5:55 pm
by INKoRP
I think I can pay ~$90AUD for SSL Cert. for my site but it's not worth it for me.

Posted: Tue Jun 26, 2018 6:22 pm
by Saratoga
Yer... ok.
Is that SSL $90/year ? or is a once off thingo ?

No financial transactions on website. Only basic contact data for bookings.
Feel free to make a test booking... obviously I can delete it.

The owner's friend freaked and squealed about "Malicious & Phishing" warnings when blocked, when she tried... so did my sister from USA.

Am still a bit concerned that 6/68 engines on VirusTotal have flagged it....
AutoShun - Malicious
Emsisoft - Phishing
Fortinet - Phishing
G-Data - Phishing
Malware Domain Blocklist - Malicious
Sophos AV - Malicious

I suppose I could raise the issue with them individually and see what shiz hitz...

The next, and hopefully last drama, will be migrating & directing her domain name to my WP install.
(Building and hosting as a favour for teh wifey..... gah - I can see this will be a never ending round of website updates/styles/layouts/pics/functionality etc..)

Cheerz-n-Beerz Inky :D

Posted: Tue Jun 26, 2018 6:56 pm
by INKoRP
I never really finished looking into it so I'm far from a full bottle on SSL. It was a service my web host offered. It can vary greatly who you go through and what the requirements may be, definitely shop around, fairly certain you can get them for a reasonable price if there's no way around it. They expire so usually the cost would be based on when that happens.

The whole 'phishing' aspect is mostly scare-tactics to ward the uninitiated from plugging in bank details and passwords into dodgy websites where their traffic may be sniffed or monitored en route. But if you know the traffic's origin etc, it sounds like overkill.

I'd guess that the bigger deal the browser makes about it the more secure they can advertise themselves as being. While they're not technically wrong it's mostly easily ignored if you're careful.

P.S. Made a booking :D

P.P.S. Some info to make it not so scary: https://support.mozilla.org/en-US/kb/mi ... =inproduct

Posted: Tue Jun 26, 2018 6:58 pm
by INKoRP
Domain pointing to your WP install shouldn't be hard at all.

Posted: Wed Jun 27, 2018 2:21 am
by blink
Hey toga,

Normally your webhost will have a feature to enable HTTPS/SSL (some offer it for free, but looks like Hostgator charge $20/yr)

...However it looks like your site was explicitly reported for phishing, so I doubt enabling HTTPS will change that. Are you sure your site wasn't compromised? I would think about resetting your passwords and do a fresh WP install, making sure none of the old files are still there, and then report that the website no longer contains any threats.

Posted: Mon Jul 02, 2018 12:32 am
by Saratoga
Cheers Inky & Blink... posted more in clan section.