Hi,
In 2016 i bought all the wordpress themes from Gavick. I've been told that there was a change in your business and all the accounts you had, you lost them. I don't have any receipt of the plan I bought in 2016, so i made myself a new account and i purchased it again so that you could help me with a problem i'm having on a website. In www.bandax.com I used the Wordpress Photo template in 2017. Now the website started to have problems with virus and infected archives. I don´t know which archives I should replace, or what to do, cause now when I want to see the website it says:
"Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request."

I don´t want to replace any archive, cause in some pages of the theme i changed the code or the css.
Please help me.

Hi,

What pages exactly are infected? I can't see the issue.
Unfortunately cleaning websites is beyond our technical support, your website may be infected be plugins, core WP files or theme files, so first please update your theme to latest version (1.7). If you don't want to upload entire theme directory (because of custom modification) you have to compare your files and update them manually.

More information may be found here:
https://www.gavick.com/documentation/wordpress/guide/theme-upgrade

Cheers
Joshua

10 days later

Hi Joshua,
Now if you enter to the site you'll see that all the website is down. All the plugins are OK.

Hi,
The last version of GK Photo theme is 1.7 (you are using 1.6). Please update your theme first.

I've also disabled your Wordfence plugin and your website is available now, so it wasn't a theme issue.

Cheers
Joshua

    Joshua-M I've already replaced all the files of the theme and it still tells me i have the 1.6 version of the theme. What can be happening?

      Hi,

      I'm not able to log in to your website backend anymore:
      "ERROR: The username or password you entered is incorrect. Lost your password?"

      Could you check credentials from your thread fields?

      Cheers
      Joshua

      Sorry, we've changed the password. Now it's updated and you can log in.

      Thanks for the update.

      I've just compared your theme files with the latest version from download section and I can see that files are different.. how exactly did you update your theme?

      Additionally I found suspicious file (probably malware) which is not a part of our theme (Photo/theme/customizer-extensions/grhslatj.php) Please remove this file ASAP.

      You have also other suspicious file in you root directory (order.php) - is not a part of WordPress core files.

      Please scan all your files (WordPress core, plugins, themes - also themes which are not active).

      Cheers
      Joshua

      I updated the theme replacing every folder manually, except the style.css
      I'm going to check that suspicious file you tell me, cause I don't really know how to delete it for good

      8 days later

      Just thought I'd follow up and see if you were ok?

      Thanks
      Paul

      Write a Reply...
      You need to Login to view replies.