In your wp-config.php file, what do have set for “DB_CHARSET”
Hi Steve!
Set this way :
/** Database Charset to use in creating database tables. */
define(‘DB_CHARSET’, ‘utf8’);
Look at your wp_options table with PHPMYADMIN. Search for the key “blog_charset”. What doe it say? It should probably be “UTF-8”. If it’s “UTF-7” try changing it.
Thanks Steve, Hmm, Yes the blog_charset setting in the wp_options table under phpmyadmin is set to UTF-8. So weird, any other potential solutions?
Cant imagine why this issue has popped up so randomly as I use this same theme on many sites and have many of the same settings updating at the same time. Any further help would be greatly appreciated.
@ryanses Not really sure about any other solution. But, i suggest to check your wp-config file and try to check this issue by changing your theme.
Does you any custom functionality on your site?
Scan for “UTF-7” using https://ww.wp.xz.cn/plugins/string-locator/ and install the WordFence plugin to make sure all files match what’s in the repository. (Check the WF scan options to enable that before running your first WF scan.)
Thanks guys, Installed WF & String locator – doing the scan now, thank you.
this came up from the WF scan-
Should I choose to delete the file?
ISSUE
File appears to be malicious: eg.htm
Filename: eg.htm
File Type: Not a core, theme or plugin file.
Issue First Detected: 8 secs ago.
Severity: Critical
Status New
This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: “Hacked By Dr.SiLnT HilL”. The infection type is: Defacement:PHP/Dr.Silnt.
Tools:
View the file.
Delete this file (can’t be undone)
Select for bulk delete
Resolve:
I have fixed this issue
Ignore until the file changes.
Always ignore this file.
Delete the file, but you’ve been hacked.
Take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.
If youโre unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.
Due to the sensitivity of this site I need to work with someone who can help right away. Can you suggest? Or will Sucuri and Wordfence work just fine?
I’m sure they’d be ready to start as soon as you contact them.
Thanks! On it now, indeed, eager to help! ๐ Ill be back soon.
Working with Sucuri to help fix the problem. ๐ Great support, thanks for the tip Steve.
After a long day talking with Sucuri and paying for their services, the hacked content is gone but the same error message is still at the bottom of the page even though they mentioned it was all clean. They are looking into it further…
