system
December 30, 2016, 12:13pm
1
Hi,
Our website masiacancanal.com is marked as infected and users with avast can not acces to our site. We updated and cleaned the site, changed the server and didn’t find any malware, but the problem still appearing. Please could you help us with that issue?
Thank you.
Eddy
December 30, 2016, 12:16pm
2
What is the infection that avast detects ?
system
December 30, 2016, 12:49pm
3
Hi,
Avast only says: This site could damage your computer, and do’nt allow to access to the site, after that the website appears as not available.
Eddy
December 30, 2016, 12:53pm
4
polonus
December 30, 2016, 1:04pm
5
In 2015 there were detections for doc.php, but later this seemed safe to use…
Eddy is right, but there are also WordPress CMS issues and insecurities:
The following plugins were detected by reading the HTML source of the WordPress sites front page.
revslider
ultimate-gallery-master 1.3.1 latest release (1.3.1)
http://demo.webhuntinfotech.com/demo
waving-portfolio latest release (1.2.4.5)
http://www.itechflare.com/
cookie-law-info 1.5.3 latest release (1.5.3)
http://wordpress.org/extend/plugins/cookie-law-info/description/
nation-booking
wordpress-popup latest release (4.8.0.0)
http://premium.wpmudev.org/project/the-pop-over-plugin/
contact-form-7 4.6 latest release (4.6)
http://contactform7.com/
redforts-oscar-hotel-booking 1.3 latest release (1.3)
https://redforts.com
Plugins are a source of many security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes.
Also check: Compromised sites will often contain embedded iframes that can also deliver malicious code to visitors of the web site. Check any discovered iframes and ensure they are legitimate.
https://wXw.google.com/maps/embed?pb=!1m19!1m8!1m3!1d11928.517850589269!2d2.398336!3d41.631333!3m2!1i1024!2i768!4f13.1!4m8!3e6!4m0!4m5!1s0x12a4cbc6b92fed7b%3A0x6cea9e7ff2f6c4e7!2sMasia+Can+Canal%2C+Camino+a+Can+Canal%2C+B-510%2C+08450+Llinars+del+Vallès%2C+Barcelona!3m2!1d41.631333!2d2.398336!5e0!3m2!1ses!2ses!4v1473318217474
F-status here: https://observatory.mozilla.org/analyze.html?host=masiacancanal.com
DOM-XSS issues: Results from scanning URL: -http://masiacancanal.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?rev=4.1.1&ver=676bece2aa73098645e66c2f6157a345
Number of sources found: 41
Number of sinks found: 17
4 issues and therefore B-status: https://sritest.io/#report/157c1a44-4cd2-40b1-ad46-f08a13fa6b68
polonus (volunteer website security analyst and website error-hunter)
HonzaZ
January 2, 2017, 9:17am
6
This was blocked a while ago due to Router CSRF attacks - I am unblocking the domain now !