Malware attack
-
Yesterday, my website was A-okay. Just this morning, I try to open my wordpress dashboard and it will lead me to another website. After following a solution posted on another threads,
“How I fixed it: go to file wp-content delete mu_plugin and go to your database setting under wp_option remove the siteURL and add your own website. Repeat the same in HOME URL.
I can open my website and my wordpress dashboard again. However, when I scan my website on https://sitecheck.sucuri.net/. The malware is still there, how can I clear the malware?
The page I need help with: [log in to see the link]
-
I’m pretty sure your wordpress got infected by letsmakeparty3
use SSH and type this to find whether your files still contain their script(js) code
grep -rl 'String.fromCharCode(104,116,116,112,115,58,47,47,97,108,108,111,119,46,108,101,116,115,109,97,107,101,112,97,114,116,121,51,46,103,97,47,108,46,106,115,63,100,61,49)' * | wc -l
The above code finds specific text, which is the malicious link, on every of your file. If you want to find which file got infected, remove the| wc -lpart.
If you got 0, then all of your file should be free from the malicious script. (then i don’t know what should you do next if you keep getting the warning)If you got at least 1, then some of your file still contain those links. Use security plugin (I use GOTMLS) to scan your website. Fix the files (mine was automatically using that plugin), then the problem should be gone. You can also delete the script manually one by one if you want.
This is the solution I did so far. the solution might be differ from yours
The topic ‘Malware attack’ is closed to new replies.