website malware
-
Hi guys, I’ve noticed that in the WooCommerce summary page there’s an JS injecten below the address section:
[ Malware deleted, don’t post that here ]
Do you have any thoughts how to fix this? I’ve scanned my site with WordFence and nothing was found. Please help!
-
This topic was modified 6 years, 2 months ago by
. Reason: Moved to Fixing WordPress, this is not an Everything else WordPress topic
The page I need help with: [log in to see the link]
-
This topic was modified 6 years, 2 months ago by
-
Faced this problem in few sites of my client. Fixed it by removing the script code from the site.
The malicious string is the same for every compromised file, so mostly downloading whole project from FTP, and then CTRL+SHIFT+F all files in project for the phrase you pasted should make your day. – You can also look for it in the Database using various combination of searches using for example https://pl.ww.wp.xz.cn/plugins/search-and-replace/
I have found the malicious code also in my own custom post type body(
the_content())After that I’d recommend to:
-
clean up your PC and browsers’ extensions as they could be the main security-hole
define( 'DISALLOW_FILE_EDIT', true );in wp-config
Change your database password
Check if all WP User accounts and their e-mails are known to you. If not, just suspend or delete them.
Install some basic security for WP
Ask your hosting company to help you by installing anti-virus on the server(or just launching you the option – this may be extra – billed for you).There’s probably better way, but my solution led up to get free of viruses in short time(hope they don’t come back soon).
Thank you, also I’ve found this solution: https://www.wpdesk.net/blog/flexible-checkout-fields-vulnerability/
The topic ‘website malware’ is closed to new replies.