Wordpress Themes - WP Forum at BFA
Click here to register or to donate.
Auto self-registration is not available here - far too many spammers. This forum has many, many backlinks and because of that there is an intense desire among spammers to drop their links here.

Wordpress Themes - WP Forum at BFA » WordPress Themes » Atahualpa 3 Wordpress theme » New Versions, & Updating »

Forced update?


  #1  
Old Apr 24, 2013, 02:06 PM
measure2x's Avatar
measure2x
 
52 posts · Apr 2009
Appleton, WI
I was working in one of my ATA sites (I have 7) today and out of the blue 6 out of 7 of those sites seemed to automatically update to the current version of ATA. (No, I don't update ATA because it's a pain transferring over theme options. It's easier to leave things alone.)

In a panic I called Bluehost and they were able to restore from the version that was on their servers at 2am this morning (although I do have my own backups to restore from).

I've checked the access logs and nothing seems fishy - at least that I can see. And the Bluehost tech couldn't see anything from their end, either.

Does anybody have any info on a forced update that came from ATA? This is the first time this has happened. And, yes, I've now changed passwords at Bluehost and the individual sites.
  #2  
Old Apr 24, 2013, 02:53 PM
juggledad's Avatar
juggledad
 
23,649 posts · Mar 2009
OSX 10.11.5 WP 4.x Atahualpa(all) Safari, Firefox, Chrome
There is nothing in the theme that can force an update
  #3  
Old Apr 24, 2013, 06:05 PM
juggledad's Avatar
juggledad
 
23,649 posts · Mar 2009
OSX 10.11.5 WP 4.x Atahualpa(all) Safari, Firefox, Chrome
Hmmm, someone else on BlueHost just reported the same thing happening
see http://forum.bytesforall.com/showthr...9755#post99755
  #4  
Old Apr 24, 2013, 06:06 PM
Gail_NK
 
121 posts · Oct 2010
I had the same "auto update" on Bluehost too... A bit of a surprise, and yes I have to go through and change over the header and favicon - but with the new coding, that should be eliminated.

Any idea what Bluehost did to force the update?

Gail_NK
  #5  
Old Apr 24, 2013, 07:39 PM
measure2x's Avatar
measure2x
 
52 posts · Apr 2009
Appleton, WI
(followed up with a comment in that thread)

Bluehost is great, but they were very naughty to do an auto update of ATA without our consent! Despite this I've had great service with them.
  #6  
Old Apr 24, 2013, 09:50 PM
measure2x's Avatar
measure2x
 
52 posts · Apr 2009
Appleton, WI
Well, I'm not sure what they're doing over at Bluehost, but my sites are all messed up again.

Is there any way a single version of ATA could be offered? Or at least one that doesn't send a notice to WP that a new version is available. Them maybe Bluehost would leave it alone.

I really don't want this to happen again. I'd hate to have to abandon ATA and create custom themes for all my sites. ATA is fabulous, but if a web host is able to go in and do an update without our consent or notification I'm going to have to find another theme
  #7  
Old Apr 25, 2013, 04:21 AM
juggledad's Avatar
juggledad
 
23,649 posts · Mar 2009
OSX 10.11.5 WP 4.x Atahualpa(all) Safari, Firefox, Chrome
here is an idea, download the version of Atahualpa you need to your computer unzip it and rename the folder to atahualpannn where nnn=version number. Next upload this to the themes folder.

You can have multiple versions of a theme in the theme folder as long as (1) they are different versions and (2) the folder name is different,

in the four years that I've been a moderator, this (and the other therad) are the onl time I've heard of this AND it happened on the same day AND the host is the same. Coincidence?

If BlueHost is forcing udates to this theme, you've got to expect they are doing it to alll themes.
  #8  
Old Apr 25, 2013, 05:28 AM
awcguy
 
34 posts · Feb 2011
West Virginia
Send a message via AIM to awcguy
Dreamhost auto-updates for you as well.. I think its to ensure people are not using old templates with security issues..

All But another reason to have bytesforall look into some sort of feature/rewrite to save changes when doing updates.
  #9  
Old Apr 25, 2013, 05:32 AM
juggledad's Avatar
juggledad
 
23,649 posts · Mar 2009
OSX 10.11.5 WP 4.x Atahualpa(all) Safari, Firefox, Chrome
1) the theme options are stored in the database so they remain across updates (this doesn't include any changes to the theme code)
2) as of 3.7.12 there is an option to store your logo, favicon and header images in a folder in the 'wp-content' folder so it will not be effected by theme upgrades
  #10  
Old Apr 25, 2013, 08:23 AM
measure2x's Avatar
measure2x
 
52 posts · Apr 2009
Appleton, WI
Ok, just got off the phone with Bluehost support again. What they found is that the header.php file was hacked in all of my sites, as well as a malicious file being planted in wp-content. One site also had a hidden, malicious plugin added named "837c". This happened on my own sites (under one account) as well as my clients' sites (each on their own account).

The support person could not see anything in the access log, but the modification of all the header files was done at 8:24pm last night. The best he could offer is that the hacker gained access through the theme somehow.

So I guess I'll be updating ATA for all the sites now.

Is there any place or route that someone could gain access to a WP site through ATA itself? Any ideas?
  #11  
Old Apr 25, 2013, 08:36 AM
juggledad's Avatar
juggledad
 
23,649 posts · Mar 2009
OSX 10.11.5 WP 4.x Atahualpa(all) Safari, Firefox, Chrome
what version of Atahualpa were you on?

I'm unaware of any way you could hack the header.php and install a plugin and plant a file in the wp-content folder via visiting the site.
  #12  
Old Apr 25, 2013, 08:36 AM
johnnyinstereo
 
18 posts · Oct 2012
It's happened to me two days in a row to the same site. This is going to become more than a pain in the ass and start costing me future jobs if I don't get this fixed.

What is going on for real? I use Justhost.com
  #13  
Old Apr 25, 2013, 08:45 AM
measure2x's Avatar
measure2x
 
52 posts · Apr 2009
Appleton, WI
I was running various version of ATA (except the current one) - none were the same.

Well, someone was able to gain access to all my ATA sites, no matter what version and no matter if they were separate accounts.

Bluehost sent me a follow up email with information on hiring a professional security team to look into it. I just may do that.

Yes, this is costing me money, too. Mostly in the form of time I have to spend to fix this.
  #14  
Old Apr 25, 2013, 08:51 AM
juggledad's Avatar
juggledad
 
23,649 posts · Mar 2009
OSX 10.11.5 WP 4.x Atahualpa(all) Safari, Firefox, Chrome
are the various accounts on the same server?
  #15  
Old Apr 25, 2013, 09:05 AM
johnnyinstereo
 
18 posts · Oct 2012
I did a little research and found that hackers are targeting wordpress sites with admin screen names for the administrator. It's a massive hacking that is going widespread now. So it's not Atahualpa. Thank God, I do love this theme.
Here's a link to an article about whats going on...

http://www.informationweek.com/secur...dmin/240152864
  #16  
Old Apr 25, 2013, 05:42 PM
measure2x's Avatar
measure2x
 
52 posts · Apr 2009
Appleton, WI
Screen names for the administrator? You mean the admin login name is "admin"? I definitely change that right away when I start a new WP site.

I had that thought, too, that all my and my clients' sites were on the same server. I will inquire with Bluehost.... and let you know.
  #17  
Old May 12, 2013, 10:01 AM
JSF1000
 
2 posts · Aug 2011
Quote:
Originally Posted by johnnyinstereo
I did a little research and found that hackers are targeting wordpress sites with admin screen names for the administrator. It's a massive hacking that is going widespread now. So it's not Atahualpa. Thank God, I do love this theme.
Here's a link to an article about whats going on...

http://www.informationweek.com/secur...dmin/240152864
We have several different Blue Host sites, all on the previous version of ata. All were zapped. All did not have "admin" logins.

It's not just ata it's updating. I had some unused plugins it also updated. What I don't get is that it didn't zap my theme modifications, as far as I can tell. (Still looking into that)

UPDATE: I did a comparison between my exported ata file and my saved one, and they're the same, so whatever it did, specific mods weren't affected. I'd like to know how it managed that! :D
Beyond annoying, to say the least.

Has anyone heard if it's doing it to other themes?

Is there any way to delete the update notification? I've done the "rename the folder" bit and still gotten the notifications.

Last edited by JSF1000; May 12, 2013 at 10:06 AM.
  #18  
Old May 12, 2013, 01:32 PM
juggledad's Avatar
juggledad
 
23,649 posts · Mar 2009
OSX 10.11.5 WP 4.x Atahualpa(all) Safari, Firefox, Chrome
The theme settings are stored in the database. What was updated was teh theme code. This is one of the best features of Atahualpa, you don't have to change the theme CODE.

Bookmarks

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes


Similar Threads
Thread Thread Starter Forum Replies Last Post
Update from 3.5.3 -- all at once? eleanorb New Versions, & Updating 28 Mar 1, 2013 09:27 AM
Forced line-breaks in the Title and Tagline GrahamW Header configuration & styling 3 Aug 21, 2010 07:35 AM
Update rmribeiro New Versions, & Updating 1 May 13, 2009 07:19 PM
Last Update jockoe New Versions, & Updating 1 Mar 6, 2009 12:46 PM


All times are GMT -6. The time now is 01:15 AM.


Powered by vBulletin® Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.