-
AuthorPosts
-
January 31, 2017 at 10:55 am #740553
Dear Support,
Wordfence found critical problem in the php file
wp-content/themes/enfold/config-templatebuilder/avia-template-builder/php/html-helper.class.php
Please let me know if I have to delete the file and upload a new one or upgrade all the theme files.
Regards
Stelios
January 31, 2017 at 11:05 am #740556Same problem. Seems like the link they use got hacked. The link (http://www.link.at/) DON’T VISIT ATM is mentioned as a comment.
//fallback for previous default input link elements: convert a http://www.link.at value to a manually entry
if(strpos($element[‘std’], ‘http://’) === 0) $element[‘std’] = ‘manually,’.$element[‘std’];Nothing to worry about as long as you don’t visit the website. Most browsers will block the site anyways.
- This reply was modified 7 years, 10 months ago by dirkvisser. Reason: changed websites to browsers
January 31, 2017 at 11:46 am #740568i have the same problem today on 8 Enfold websites :( What shall i do now?
January 31, 2017 at 12:22 pm #740582Same problem on 6 Enfold sites, all using wordfence. Any ideas to fix this?
January 31, 2017 at 12:34 pm #740584Yep, same warning over here. What to do about it? Firefox blocks the whole url now.
January 31, 2017 at 12:35 pm #740585I also have this problem.
“Adding issue: File contains suspected malware URL: /home/thingsc/www/die-barracudas.ch/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/php/html-helper.class.php”
I deleted the file with wordfence and now my enfold website is down :-((((
****
Warning: require_once(/home/thingsc/www/die-barracudas.ch/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/php/html-helper.class.php) [function.require-once.php]: failed to open stream: No such file or directory in /home/thingsc/www/die-barracudas.ch/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/php/template-builder.class.php on line 111Fatal error: require_once() [function.require.php]: Failed opening required ‘/home/thingsc/www/die-barracudas.ch/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/php/html-helper.class.php’ (include_path=’.:/usr/local/share/pear:/home/thingsc/www/die-barracudas.ch/wp-content/plugins/mailchimp-widget/lib’) in /home/thingsc/www/die-barracudas.ch/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/php/template-builder.class.php on line 111
****
Can you please advice what to do?January 31, 2017 at 12:37 pm #740586poppenhaeger you have to reupload the files, the theme needs this file to work.
January 31, 2017 at 12:38 pm #740587Hi there,
same problem also,
what if we just take out the suspected url from the comments? would that do the trick?
thnx
January 31, 2017 at 12:43 pm #740588eny4W: you mean uploading the newest enfold theme via ftp and replacing the folder: wp-content/themes/enfold with the theme files?
January 31, 2017 at 12:53 pm #740590Hi,
i have the same problem, and after looking into source i suggest 2 things:
.) don’t delete it
this link ist mentioned in a comment in the file.) Kriesi: please update the theme and replace the url http://www.l**k.at to another placeholder url
http://www.l**k.at is blacklisted as a malware site, that’s why wordfence sees the theme corrupted.Best,
Stefan
aumayermedia.atJanuary 31, 2017 at 12:53 pm #740591yep, this would do the trick for now
January 31, 2017 at 12:58 pm #740593Same issue here, need a fix!
January 31, 2017 at 1:06 pm #740599Is there anything we should be doing immediately? Is it a problem in the short term?
January 31, 2017 at 1:25 pm #740606Got several clients mailing (in distress), thinking they got hacked.
All got the same Wordfence message.I hope this will be fixed quickly.
January 31, 2017 at 2:45 pm #740652Hey!
Please refer to this post – https://kriesi.at/support/topic/wordfence-found-a-suspected-malware-in-an-enfold-php-file/#post-740608
Cheers!
YigitJanuary 31, 2017 at 3:00 pm #740665same problem here, please assist!!
January 31, 2017 at 3:04 pm #740668Hey!
Please see the link i posted above. As mentioned, we will add the fix to upcoming update.
Malicious link is in commented line therefore has no affect at all on your sites.Regards,
YigitJanuary 31, 2017 at 3:23 pm #740683Yes, thanks. The link worked. No worries any more.
January 31, 2017 at 4:56 pm #740749Where can I locate “enfold/config-templatebuilder/avia-template-builder/php/html-helper.class.php file” to edit? Sorry, this is very new for me.
January 31, 2017 at 5:01 pm #740752Hey!
@jtuselton You can access the file via FTP. If you would like to make the changes for you, please start a new thread and attach FTP logins in private content field. If you post them here, they will be visible to creator of this thread as wellBest regards,
YigitJanuary 31, 2017 at 5:04 pm #740754So, you need my login for my hosting account, correct? BlueHost?
January 31, 2017 at 5:08 pm #740756Hey!
Yes, we need to access files on your server to edit them. But again, please post them in a new thread in private content field.
Regards,
YigitJanuary 31, 2017 at 5:26 pm #740772Thanks Yigit, here’s the link to the new thread. https://kriesi.at/support/topic/possible-malware/
January 31, 2017 at 5:47 pm #740788My colleague deleted the file, I’ve uploaded it for him but when accessing the admin section of the site we get the following error:
Fatal error: Class ‘AviaHtmlHelper’ not found in /var/www/vhosts/website.com/httpdocs/wp-content/themes/enfold/config-templatebuilder/avia-shortcodes/blog.php on line 88
January 31, 2017 at 5:57 pm #740792Hi!
@steetiehj Please re-install the file and applied the changes explained here – https://kriesi.at/support/topic/wordfence-found-a-suspected-malware-in-an-enfold-php-file/#post-740608
If you would like us to look into it, please start a new thread and attach temporary admin logins and FTP logins in private content fieldBest regards,
YigitJanuary 31, 2017 at 6:00 pm #740800resolved, thanks!
-
AuthorPosts
- The topic ‘suspected malware’ is closed to new replies.