lisa
(@contentiskey)
have you checked for any issues that would cause “redirecting to other sites”?
use this link: https://sitecheck.sucuri.net
do you have a recent backup of your files and database?
Additional guidance:
Carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures and start backing up your site.
-
This reply was modified 7 years, 3 months ago by
lisa.
-
This reply was modified 7 years, 3 months ago by lisa.
hi
I am a novice 🙁
I have looked at sucuri and it says malware found.
I did back up my site Last November before I went away for 3 months. I got back 28th February, now I can’t find my backup.
I am just going through the guidance notes. I am just at a loss as how to access my admin panel now
Thank you
@casperandrufus It looks like your website is indeed infected with a semi-recent wave of malware that loads malicious javascript by injecting a line of code into your existing website files.
If you aren’t worried about the malware potentially infecting your own device, then you can try to clean it up on your own. The easiest way would be to restore from that November 2018 backup, but are you sure it doesn’t contain malware? Often times website compromises can go undetected until it starts disrupting service – as in causing 500 errors and preventing admin panel access.
If you only care about getting admin panel access ASAP, then just change the file permissions to match your web hosts default
I personally wouldn’t recommend contacting your web host for assistance with this issue as they often times disable the website upon finding out it contains malware – then they will push you to use a promoted service for cleanup. It’s best to handle that on your own ASAP to prevent this from occurring.
Sucuri can provide you with site cleanup services if you aren’t sure on how to properly clean any existing malware, they then also monitor and provide a separate firewall to protect your website.
BTW it looks like the alternate admin URL is loading: http://casperandrufus.co.uk/wp-login.php
but after you authenticate it doesn’t guarantee the actual admin panel will successfully load since the malware is generating numerous PHP errors.
Also, just an example of why restoring from a backup, assuming its clean, will still leave you vulnerable due to outdated plugins that contain known vulnerabilties:
| [!] 1 vulnerability identified:
| - https://wpvulndb.com/vulnerabilities/9127
| [!] 1 vulnerability identified:
| - https://wpvulndb.com/vulnerabilities/8822
| [!] 7 vulnerabilities identified:
| - https://wpvulndb.com/vulnerabilities/9120
| - https://wpvulndb.com/vulnerabilities/9137
| - https://wpvulndb.com/vulnerabilities/9143
| - https://wpvulndb.com/vulnerabilities/9165
| - https://wpvulndb.com/vulnerabilities/9166
| - https://wpvulndb.com/vulnerabilities/9194
| - https://wpvulndb.com/vulnerabilities/9221
