Sorry, couldn’t see relevant forum so posting here. If it needs to go elsewhere, would appreciate if it can be forwarded to the relevant place, thanks

My questions is websites are down and been told by Hostgator they have malware on them and need to know how can we get the wordpress sites back up.

• hostgator says they can’t do a backup as backups may be infected
• the cpanel is infected
• all the website index.php files and htaccess codes infected.
• been recommended sitelock but need to know are their alternative solutions out there to get the malware removed as its taken them 6 months after countless chats, just to get this recommendation to us.
• We don’t have access to any of the dashboards either though can get into the cpanel at the moment. Been learning as we have been going along, would say still 50% a novice and still learning.

There are so many suggestions out there that say they can get rid of malware but literally don’t even know where to begin so would really appreciate some recommendations going forward, as you guys are good!

Furthermore (going forward once they are up!) from research will make extra sure whatever plugins and themes are used in the future they are not nulled and they have at least half to a million installs showing etc.,

Would appreciate If someone can point us in the right direction as to the best way to get the sites back so we can start building up the wordpress sites again!

Thank you in advance. Appreciate.

Via FTP I deleted themes folder and some “latest” plugins but still I can′t log in…
Any help? I don′t want lose my website.

Thank you

I have a back up, but I believe this to be infected as well, as this PHP script has been a problem for months but never this bad.

As all attempts I have made to stop it have failed, I was thinking of reinstalling WordPress from scratch with a fresh database and new password.

If I backed up all posts and pages inside the admin panel of the damaged site, would I be able to upload them into a fresh install of WordPress with a totally different database name?

Would all my links continue to work, and my search results remain in Google?

Are there any problems I would experience from doing this I haven’t considered?

My wordpress blog has been hacked, search engine traffic is being redirected to different sites.

I scanned the site using wordfence and found that there is an encrypted code on the theme file, I have changed the theme and deleted it. Now I find that there’s been several codes in different parts of the blog.

Sururi shows that core wp files have been modified.

What do I do?

I am on a budget and I am comfortable doing it myself.

i reset the permalinks to see if i can fix, but it doesn’t help.
anyway, i get 404 error on pages like this one
https://site.com/wp-admin/plugin-install.php

when i refresh the page, the command sometimes goes through.

i suspect malware but the scans that I ran all came up clean. i have also uploaded a fresh copy of wordpress, upgraded all my plugins.

my .htaccess looks like this

RewriteOptions inherit

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

any ideas on how to fix? thanks!

I noticed, that recently on my website appeared some strange posts and categories, that I have never added. There are like 12 posts every week, that are normally visible on the front page – I don`t know what to do about that, so now my fight is just removing these posts.

Below, in the link I put screenshots of how it looks like in my WP Panel.

https://www.songlish.com.pl/prepositions/posts/

I would appreciate any advice!

The site is hosted by GoDaddy and I spent quite a long time with their support this evening and they said the hack is buried within the database and it would take $149 for them to fix it. I actually understand that since the flaw is within WordPress and not their hosting.

If anyone can give some direction, please advise. My brother is battling a malignant brain tumor now so spending that amount of money is not ideal.

By the way, I did see a similar post here in the forums. A post by GoDaddy themselves had a link they said took you to instructions on how to fix the problem. However, when I clicked on that link it took me to a site featuring traffic cameras. Bizarre.

Thank you for any help or guidance.

Tom

Anyways, I do not have the backup for uploads folder, sucks… The posts had been recovered, but the problem is the images. I wish I don’t be in much trouble, I still have the images I uploaded in my computer.

I know I can just re-upload the images, then modify the src=”” of each image in the posts to the one i uploaded… BUT that would take me years… I have 100+ posts whose images where lost in uploads folder, and each post has more than 5 images each…

So, I’m just wondering what can I do to easily solve my problem…

I feel there should be easy way… the posts look for image with the pattern:

/wp-content/uploads/2013/12/image-1.jpg
and I have the exactly named image in my computer image-1.jpg

So I hope there’s a plugin or hack that will help me..