New Landing How can we help? Themeforest Theme Support Flexform Site Hacked

Viewing 6 posts - 1 through 6 (of 6 total)
  • Back to forum
    Posted in: Flexform
  • January 27, 2015 at 6:41 pm #144886
    zinerva
    Member
    Post count: 4

    My site was hacked and according to my hosting provider, the problem originates in the Flexform theme. I got this error:
    Warning: require_once(/home/zinerv5/public_html/wp-content/themes/flexform/includes/options/defaults.php) [function.require-once]: failed to open stream: No such file or directory in /home/zinerv5/public_html/wp-content/themes/flexform/includes/sf-options.php on line 17

    Fatal error: require_once() [function.require]: Failed opening required ‘/home/zinerv5/public_html/wp-content/themes/flexform/includes/options/defaults.php’ (include_path=’.:/usr/lib/php:/usr/local/lib/php’) in /home/zinerv5/public_html/wp-content/themes/flexform/includes/sf-options.php on line 17

    I had the hosting company allow me to access the site and I deactivated the theme, but that was not enough and my site has been compromised again.

    Please let me know what I can do and/or how the code can be fixed to not allow the hack.

    Thanks.

    January 27, 2015 at 8:58 pm #144923
    laranz – SUPPORT
    Member
    Post count: 3186

    Hi,

    Can you make sure this file exist? /wp-content/themes/flexform/includes/options/defaults.php

    I don’t think it is caused by site hacking, what else they say other than this message about the compromised?

    Let us know,

    Thanks,
    laranz.

    January 27, 2015 at 9:37 pm #144927
    zinerva
    Member
    Post count: 4

    That file was quarantied by the hosting service (I have access to the fiile) because the file started to have abnormal behavior (they said it was self replicating or trying to access other files in atypical ways). So the file was not accidentally deleted, if that is what you are asking. I talked with them at length and all they could say is there appeared to be a code issue from the theme that they believe was likely a security issue exploited by a hacker.

    Please let me know if you need additional information.

    January 27, 2015 at 10:01 pm #144930
    Rui Guerreiro – SUPPORT
    Keymaster
    Post count: 25779

    Probably your site was hacked with code injection inside the files.
    Do you use Revolution Slider plugin? What version?

    Revolution slider had a security problem that could lead to situations like this.

    -Rui

    January 27, 2015 at 11:38 pm #144945
    zinerva
    Member
    Post count: 4

    I do have Revolution Slider. What can I do to solve the problem? Uninstall and reinstall everything? If I do that, how can I backup without backing up the problems as well? Thanks.

    January 27, 2015 at 11:41 pm #144946
    Rui Guerreiro – SUPPORT
    Keymaster
    Post count: 25779

    You can download the latest Revolution Slider from here, that already doesn’t have that problem.
    http://www.swiftideas.com/forums/topic/revolution-slider-latest-version-2/

    You should also replace the theme files, but all the WordPress install can be compromised.

    -Rui

  • Back to forum
    Posted in: Flexform
Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in and have valid license to reply to this topic.

License required for one of the following items
Login and Registration Log in · Register