AIC: Website Fix with NoScript

Adventures In Computing: Using NoScript to repair a website

      One of the things I help people with is their websites. The exact details of that vary, but in this case I was being asked to help repair a website that had been compromised. It was a WordPress site, and the ‘hack’ had installed a bad plugin. In turn, that plugin hid itself, and much of the admin interface. Couldn’t see it, so couldn’t uninstall it.



The Problem (and its Solution)

      Which was where I came in; the client had asked me to look at it.

      At first, I didn’t see a problem. The public side of the website looked OK, no obvious oddities. At least to me; the client knew what the site should look like and noticed issues. I logged into the admin interface and continued to not see a problem. As WordPress uses scripting for various things, I used NoScript to allow the site, and that’s where I found the issue.

      When you use NoScript to allow a site, it also shows any other scripts trying to run. In this case, there was an extra script running, from a domain I hadn’t heard of before. Can’t remember the address, but I want to say it was a .tk domain. Since I wasn’t running that script, I could access the restore options. One restore later and the site was back as it should have been. Did the standard after-hack things (change passwords, hashes, that sort of thing) and moved on.
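The same "which hosts are trying to run scripts here?" view can be approximated offline from the saved source of an admin page. This is an added example, not part of the original post; the function name, the allowlist and the sample page (built on reserved `.example` hosts) are all constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed sample: saved source of an admin page with one unexpected script.
PAGE_URL = "https://site.example/wp-admin/plugins.php"
SAMPLE_HTML = """
<html><head>
<script src="/wp-includes/js/jquery/jquery.min.js"></script>
<script src="https://cdn.allowed.example/lib.js"></script>
<script src="//stats.unknown.example/a.js"></script>
<script>var inlineCode = 1;</script>
</head><body></body></html>
"""

class ScriptCollector(HTMLParser):
    """Collect the src attribute of every <script> tag in a page."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:  # inline scripts have no src and are not covered here
                self.sources.append(src.strip())

def unexpected_script_hosts(html, page_url, allowed_hosts):
    """Return {host: [urls]} for scripts loaded from hosts outside the allowlist.

    The page's own host is always treated as allowed. Scripts without a host
    (for example data: URLs) are reported under the empty-string key.
    """
    collector = ScriptCollector()
    collector.feed(html)
    allowed = {h.lower() for h in allowed_hosts} | {urlparse(page_url).hostname}
    found = {}
    for src in collector.sources:
        url = urljoin(page_url, src)  # resolves relative and //host/path forms
        host = urlparse(url).hostname or ""
        if host not in allowed:
            found.setdefault(host, []).append(url)
    return found

if __name__ == "__main__":
    for host, urls in unexpected_script_hosts(
            SAMPLE_HTML, PAGE_URL, {"cdn.allowed.example"}).items():
        print(host or "(no host)", urls)
```

This only sees script tags present in the saved HTML; a script that is injected at run time by other code shows up in NoScript but not here.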



NoScript to the Rescue

      Because I run with the NoScript Extension for Firefox, and am very strict about what scripts I allow to run, the malicious scripts trying to hide things failed to run (on my computer). With their failure, I could see both the extra ‘plugins’ and the option to restore the backup, effectively removing the problem.

      I’m not recommending NoScript for everyone. While I believe it makes Firefox the ‘most secure’ browser out there, its power and the need for constant vigilance are too high a price for most people. But for those willing to put up with its overhead, its regular use does have benefits. In this case, it made for a quick and simple fix.



      Having an Adventure In Computing to share is a nice bonus too.
