Closed

Remove virus and protect wordpress powered site from attacks

This project received 8 bids from talented freelancers with an average bid price of $102 USD.

Get free quotes for a project like this
Employer working
Skills Required
Project Budget
N/A
Total Bids
8
Project Description

My wordpress powered site (and add on sites) powered by wordpress has been under attack. This is the 3rd time in 6 months it has been experiencing alterations in the php code and shows as an attack site.

I hired a security specialist and the attack site warning was removed but a new problem came out. The details of the latest attack is below:

Last March 16, 2012:

What is happening right now is that at 7:45pm last night, the permission settings for my php files were updated anonymously, in the one site, ([url removed, login to view]) it was updated to read only so that when I make a new post using wordpress, it comes out with a string of errors here is a sample of the error string:
------
Warning: fopen(/home/forexclu/public_html/dap/[url removed, login to view]) [[url removed, login to view]]: failed to open stream: Permission denied in /home/forexclu/public_html/wordpress/wp-content/plugins/DAP-WP-LiveLinks/[url removed, login to view] on line 864

Warning: fwrite(): supplied argument is not a valid stream resource in /home/forexclu/public_html/wordpress/wp-content/plugins/DAP-WP-LiveLinks/[url removed, login to view] on line 865

Warning: fwrite(): supplied argument is not a valid stream resource in /home/forexclu/public_html/wordpress/wp-content/plugins/DAP-WP-LiveLinks/[url removed, login to view] on line 871
------

DAP WP livelinks belong to a membership plugin that I already had on the site during our virus extermination project last January. I asked them what the problem was and their reply was:

-------

Mark,

This indicates a permission issue on your webhost.

Pls ftp to your site and update the permission of /dap/[url removed, login to view] to 777 and the errors will go away.

Thanks,

Veena Prashanth
*** NEW! [url removed, login to view]
[url removed, login to view]
Twitter

--------

I have since been in contact with my webhost admin and they are investigating it as mentioned.

On the other website that is also hosted on the same hosting account as an addon domain, ([url removed, login to view]) i received an error this morning when I tried to access the home page:

--------

Fatal error: Cannot redeclare class Wickett_Twitter_Widget in /home/forexclu/public_addon/[url removed, login to view] on line 256

--------

Which according to my webhost admin, is also a deletion of certain modules in my account. I suspect that a malicious virus caused this.

So, to wind up this already long message, the winner of this project needs to 1.) track down the culprit of this mischievous activities? And 2.) fix and protect my 2 sites permanently from these attacks.

------

The site went down again 2 days ago this time a string of errors came out and the sites were completely down.

My host server just reinstalled the site back up. My guess is, in a week or 2 the virus will reactivate itself.

If you think you are qualified, please bid and will award to the best solution provided.

Looking to make some money?

  • Set your budget and the timeframe
  • Outline your proposal
  • Get paid for your work

Hire Freelancers who also bid on this project

    • Forbes
    • The New York Times
    • Time
    • Wall Street Journal
    • Times Online