Title: WordPress website hacked/malware?
Last modified: August 20, 2016

---

# WordPress website hacked/malware?

 *  [echofestival](https://wordpress.org/support/users/echofestival/)
 * (@echofestival)
 * [13 years, 11 months ago](https://wordpress.org/support/topic/wordpress-website-hackedmalware/)
 * Hi there,
 * My website, based on wordpress has recently been prevented from opening on web
   browsers, please see here: [http://www.echofestival.com](http://www.echofestival.com)
 * I have chatted to my Website hosting company (Go Daddy), and this is the response
   which I got:
 * Thank you for contacting Online Support. Please note that we found nothing above
   the root folder of your hosting plan or in your .htaccess files. Those areas 
   are unaffected. If you believe that your site has malicious code or other malware
   attached to it, please review the following for identifying and removing malware
   and how to prevent it from happening again in the future.
 * If you have malware on your website, do not go to the malware link, even if it
   is a page within your website.
 * In most cases, it’s very difficult to determine how your website became infected
   since malware spreads in a variety of ways.
 * The most common way attackers infect websites is by exploiting weak passwords
   or vulnerabilities in Web applications and plugins. Your site might have been
   infected if you visited another site with malware, or if you received an email
   with a malicious attachment.
 * If you are concerned that your hosting account was compromised in any way, change
   your password immediately. For information about creating a strong password, 
   see Generating a Strong Password.
 * For information about what to do if you have malware on your site, see Identifying,
   Removing, and Preventing Malware on Your Hosting Server.
 * I have also just run the website through an online website scanner and the results
   are here: [http://sitecheck.sucuri.net/results/www.echofestival.com](http://sitecheck.sucuri.net/results/www.echofestival.com)
 * Does anyone know the best solution which I should take with this matter? I am
   fairly new to WordPress so any help is welcome!!

Viewing 3 replies - 1 through 3 (of 3 total)

 *  [Paweł Knapek](https://wordpress.org/support/users/adpawl/)
 * (@adpawl)
 * [13 years, 11 months ago](https://wordpress.org/support/topic/wordpress-website-hackedmalware/#post-2867494)
 * You need to start working your way through these resources:
    [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked)
   [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779)
   [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/)
   [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/)
   [http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html](http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html)
 * online scanner:
    [http://sitecheck.sucuri.net/scanner/](http://sitecheck.sucuri.net/scanner/)…
   others: [http://www.malwarehelp.org/freeware-open-source-commercial-website-security-tools-services-downloads.html](http://www.malwarehelp.org/freeware-open-source-commercial-website-security-tools-services-downloads.html)
 * [http://codex.wordpress.org/Hardening_WordPress](http://codex.wordpress.org/Hardening_WordPress)
 *  Thread Starter [echofestival](https://wordpress.org/support/users/echofestival/)
 * (@echofestival)
 * [13 years, 11 months ago](https://wordpress.org/support/topic/wordpress-website-hackedmalware/#post-2867502)
 * Hi there, ok so through Google webmaster tools and here are some problems:
 * /wp-includes/js/comment-reply.js?ver=3.4.1 – Details 7/3/12
    /wp-content/themes/
   bonsai/js/jquery.nivo.slider.js?ver=3.4.1 – Details 7/3/12 /wp-includes/js/comment-
   reply.js?ver=3.4 – Details
 * It seems like the problem lies with the jquery nivo slider…?
 * Suspected injected code Instances
    _[ Malware code removed, please do not post
   that here. ]_
 *  [Paweł Knapek](https://wordpress.org/support/users/adpawl/)
 * (@adpawl)
 * [13 years, 11 months ago](https://wordpress.org/support/topic/wordpress-website-hackedmalware/#post-2867637)
 * Most of your .js files is infected.
    …and on 99,9% not only .js. 🙂

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘WordPress website hacked/malware?’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 3 replies
 * 2 participants
 * Last reply from: [Paweł Knapek](https://wordpress.org/support/users/adpawl/)
 * Last activity: [13 years, 11 months ago](https://wordpress.org/support/topic/wordpress-website-hackedmalware/#post-2867637)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics