Wordpress Optimization Service for PageSpeed Insights

Owners

Active member
Trusted Uploader
Sep 13, 2018
204
133
43
ibb.co


ibb.co


ibb.co


ibb.co



Just optimized this site, a before and after report.
 
  • Wow
Reactions: catalinp

die2mrw007

Senior Developer
Jun 4, 2020
271
108
43
India
www.gizmolord.com
Unfortunately, malware was injected in the site after the optimization process was done. I have server side scanning by sucuri enabled and as soon as the optimization work was done, I got a mail from sucuri that they have detected a malware in my site.
I investigated the scan report and all the files was inside nitro pack plugin which the OP installed in my WordPress site.
As I was more confident that this guy may not do such thing, I asked the support team of sucuri to let me know if it was a false positive or indeed a malware to which they replied saying its not a false positive and it is malware. They cleaned all the malwares from the server (as its included in my subscription with them).

I haven't mentioned my incident so far here as I will not blame the OP for my situation completely.
Reasons are: 1. The service offered is completely free of charge by the OP
2. You are alone responsible for giving server access to someone.
3. I love babiato and people here. I want positivity and wish not to spread anything negative.

I happened to post this here is because, a user from babiato messaged me in inbox asking for few details about this service and upon conversation I felt, i should post my experience too here.

Maybe I was an exception. You may be safe or maybe not.
 
  • Like
Reactions: CosmicSound

Owners

Active member
Trusted Uploader
Sep 13, 2018
204
133
43
Unfortunately, malware was injected in the site after the optimization process was done. I have server side scanning by sucuri enabled and as soon as the optimization work was done, I got a mail from sucuri that they have detected a malware in my site.
I investigated the scan report and all the files was inside nitro pack plugin which the OP installed in my WordPress site.
As I was more confident that this guy may not do such thing, I asked the support team of sucuri to let me know if it was a false positive or indeed a malware to which they replied saying its not a false positive and it is malware. They cleaned all the malwares from the server (as its included in my subscription with them).

I haven't mentioned my incident so far here as I will not blame the OP for my situation completely.
Reasons are: 1. The service offered is completely free of charge by the OP
2. You are alone responsible for giving server access to someone.
3. I love babiato and people here. I want positivity and wish not to spread anything negative.

I happened to post this here is because, a user from babiato messaged me in inbox asking for few details about this service and upon conversation I felt, i should post my experience too here.

Maybe I was an exception. You may be safe or maybe not.
if sucuri said that, i suggest you remove them as they are stupid.

When your optimization work was done, you came back to me asking for more fine tuning, you didnt say anything then?

Sounds like you either dont know your wordpress or you rely on sucuri too much..
 

die2mrw007

Senior Developer
Jun 4, 2020
271
108
43
India
www.gizmolord.com
First of, you didnt have sucuri when i was working on your site.
and if sucuri said that, i suggest you remove them as they are stupid.

When your optimization work was done, you came back to me asking for more fine tuning, you didnt say anything then?

Sounds like you either dont know your wordpress or you rely on sucuri too much..
1. You are saying that I didn't have sucuri when you were working on the site which isn't true bro. You can check our messages in inbox and you will come to know that you asked me whether to remove sucuri from the site for which i said Not to for many reasons. Anyways, that was just a free sucuri plugin to safeguard site by blockong php access, hardening wordpress install and not for malware scanning.
The malware server side scanning from sucuri doesnt have any files installed in the WordPress setup by them. Its altogether a different approach. Please refer this link for more info on this service (its a paid service) : https://sucuri.net/malware-detection-scanning/

2. I didnt ask for fine tuning. I was going through the changes you did on the site and while browsing from mobile and scrolling, the nitro pack plugin 'drag to change' scroller got scrolled by mistake and I was not sure where the indicator position was when you optimized the site. You replied me that the position was to extreme right option named ludacrous

3. I know very well about wordpress and the optimization you did was just replacing the caching plugin wp-rocket with nitropack caching plugin on a major note.

Please stop this conversation further as this will make this thread on a negative scale. I have no complaints whatsoever.
 

Owners

Active member
Trusted Uploader
Sep 13, 2018
204
133
43
1. You are saying that I didn't have sucuri when you were working on the site which isn't true bro. You can check our messages in inbox and you will come to know that you asked me whether to remove sucuri from the site for which i said Not to for many reasons. Anyways, that was just a free sucuri plugin to safeguard site by blockong php access, hardening wordpress install and not for malware scanning.
The malware server side scanning from sucuri doesnt have any files installed in the WordPress setup by them. Its altogether a different approach. Please refer this link for more info on this service (its a paid service) : https://sucuri.net/malware-detection-scanning/

2. I didnt ask for fine tuning. I was going through the changes you did on the site and while browsing from mobile and scrolling, the nitro pack plugin 'drag to change' scroller got scrolled by mistake and I was not sure where the indicator position was when you optimized the site. You replied me that the position was to extreme right option named ludacrous

3. I know very well about wordpress and the optimization you did was just replacing the caching plugin wp-rocket with nitropack caching plugin on a major note.

Please stop this conversation further as this will make this thread on a negative scale. I have no complaints whatsoever.
Thats the problem, people like you even after giving you a free service go on nagging about it. Next time pay someone so you can hold them accountable.

Regarding sucuri, go read on how it works. You clearly lack the knowledge and you dont know how nitropack works either.

Since you claim that i simply replaced your plugin with nitropack then why are you accusing me of injecting malware to your site? I never made the plugin and its available for free. I have this setup running on my paid clients and others who i have optimized in the past, they never complained. That means the problem is at your end and you could have inboxed me and i would have gladly helped, but its okay, people like you come and go :)
 

die2mrw007

Senior Developer
Jun 4, 2020
271
108
43
India
www.gizmolord.com
Thats the problem, people like you even after giving you a free service go on nagging about it. Next time pay someone so you can hold them accountable.

Regarding sucuri, go read on how it works. You clearly lack the knowledge and you dont know how nitropack works either.

Since you claim that i simply replaced your plugin with nitropack then why are you accusing me of injecting malware to your site? I never made the plugin and its available for free. I have this setup running on my paid clients and others who i have optimized in the past, they never complained. That means the problem is at your end and you could have inboxed me and i would have gladly helped, but its okay, people like you come and go :)
Read my reply properly. I haven't blamed you as the service was free of charge.

I am only sharing my experience here which others may not have faced. I am sharing how sucuri detected the malware issue and shared infected file details. I will share few more details about the malware sucuri detected if you require.

I wish we stop discussing this further. Neither I am blaming you here nor I wanted to debate on these things.
 

Owners

Active member
Trusted Uploader
Sep 13, 2018
204
133
43
Read my reply properly. I haven't blamed you as the service was free of charge.

I am only sharing my experience here which others may not have faced. I am sharing how sucuri detected the malware issue and shared infected file details. I will share few more details about the malware sucuri detected if you require.

I wish we stop discussing this further. Neither I am blaming you here nor I wanted to debate on these things.
Send me the sucuri report.. Would love to take it up with them and prove them wrong as they clearly dont know their sh**
 
  • Haha
Reactions: simplysexyboy

die2mrw007

Senior Developer
Jun 4, 2020
271
108
43
India
www.gizmolord.com
Send me the sucuri report.. Would love to take it up with them and prove them wrong as they clearly dont know their sh**

Hi there,

The Nitropack plugin did indeed have malicious content within it.

Here were the files that were cleaned:

CLEARED: Cleared malware from file: ./wp-content/nitropack/MlDzacBqYexmVnHiKWVomYQtxXmNmiWU/data/pagecache/mobile/81127c9b6043e451fd174a90639acf1c/ssl-d41d8cd98f00b204.html Details: html.phishing.generic.096
CLEARED: Cleared malware from file: ./wp-content/nitropack/MlDzacBqYexmVnHiKWVomYQtxXmNmiWU/data/pagecache/desktop/81127c9b6043e451fd174a90639acf1c/ssl-d41d8cd98f00b204.html Details: html.phishing.generic.096

Your site is now showing clean

Please let us know if you have any further questions. Have a great rest of your day!

- Kayleigh
 

Owners

Active member
Trusted Uploader
Sep 13, 2018
204
133
43
Hi there,

The Nitropack plugin did indeed have malicious content within it.

Here were the files that were cleaned:

CLEARED: Cleared malware from file: ./wp-content/nitropack/MlDzacBqYexmVnHiKWVomYQtxXmNmiWU/data/pagecache/mobile/81127c9b6043e451fd174a90639acf1c/ssl-d41d8cd98f00b204.html Details: html.phishing.generic.096
CLEARED: Cleared malware from file: ./wp-content/nitropack/MlDzacBqYexmVnHiKWVomYQtxXmNmiWU/data/pagecache/desktop/81127c9b6043e451fd174a90639acf1c/ssl-d41d8cd98f00b204.html Details: html.phishing.generic.096

Your site is now showing clean

Please let us know if you have any further questions. Have a great rest of your day!

- Kayleigh
This doesent say what plugin caused the problem.

This simply says the optimized version of that particular link has a phishing content, that could have happened from another plugin which may have been injected with malicious content and nitropack simply optimized it in html format while creating a cache of it and serving it to non-logged in members.

I have paid clients running nitropack, i myself am running it and others whom i have optimized before, here and else where...
 

MrSam_1

Well-known member
Administrative
Trusted Seller
Dec 1, 2018
23,613
26,955
120
Hi there,

The Nitropack plugin did indeed have malicious content within it.

Here were the files that were cleaned:

CLEARED: Cleared malware from file: ./wp-content/nitropack/MlDzacBqYexmVnHiKWVomYQtxXmNmiWU/data/pagecache/mobile/81127c9b6043e451fd174a90639acf1c/ssl-d41d8cd98f00b204.html Details: html.phishing.generic.096
CLEARED: Cleared malware from file: ./wp-content/nitropack/MlDzacBqYexmVnHiKWVomYQtxXmNmiWU/data/pagecache/desktop/81127c9b6043e451fd174a90639acf1c/ssl-d41d8cd98f00b204.html Details: html.phishing.generic.096

Your site is now showing clean

Please let us know if you have any further questions. Have a great rest of your day!

- Kayleigh

This is so awkward for you. As the only so called malware infected files are the generated files then more than 99% that it's a false positive. Sucuri identified a selection of code that might be similar with some phishing malware code. It also states the "generic" as many AVs are categorizing what they don't know but look similar. Clearly it's a case of PUA (possible/potentially unwanted application with emphasis on POSSIBLE) so I would suggest you to check your used plugins&themes against vulnerability database as the issue relies on your website.

Hijacking a thread like this and creating this fuss it's not ethical.
You should have opened a separate discussion with your issue and come with proof in one post instead of creating this hype around it.
 

catalinp

New member
Aug 3, 2020
23
5
3
RO
Hi @Owners ,

Let me start by thanking you for what you're doing for the community:)

I would need some assistance with my website but before anything there are some remarks:

I’ve installed the nitropack plugin, speed is more than fine in ludicrous mode, really enjoying it but it makes my website not functional for touchscreen devices.
If I enable a preloader, it never stops loading unless the screen is touched/scrolled.
If I disable the preloader, the top text never appears, unless touched/scrolled.
If I change from ludicrous to strong, it works fine in terms of speed(not as ludicrous but decent) but with very poor ratings on google page speed insights.

The website I need help with is: https://itlifeclub.com

Please let me know know if there's anything that can be done.

Thanks!
 

die2mrw007

Senior Developer
Jun 4, 2020
271
108
43
India
www.gizmolord.com
Hi @Owners ,

Let me start by thanking you for what you're doing for the community:)

I would need some assistance with my website but before anything there are some remarks:

I’ve installed the nitropack plugin, speed is more than fine in ludicrous mode, really enjoying it but it makes my website not functional for touchscreen devices.
If I enable a preloader, it never stops loading unless the screen is touched/scrolled.
If I disable the preloader, the top text never appears, unless touched/scrolled.
If I change from ludicrous to strong, it works fine in terms of speed(not as ludicrous but decent) but with very poor ratings on google page speed insights.

The website I need help with is: https://itlifeclub.com

Please let me know know if there's anything that can be done.

Thanks!
Activate manual mode and in the settings, disable the option for delay loading script until user interaction. You would be in ludicrous mode.
 
  • Like
Reactions: catalinp

alemarini

New member
Oct 16, 2019
11
2
3
Hello @Owners
Thanks for what you are doing 🙏
I'd like you to have a look to my website - it doesn't even load in Speed insights :(

Any support would be much appreciated.
Ciao
Ale
 

About us

  • Our community has been around for many years and pride ourselves on offering unbiased, critical discussion among people of all different backgrounds. We are working every day to make sure our community is one of the best.

Quick Navigation

User Menu