Galaxy Casino 705.REGISTER NOW GET FREE 888 PESOS REWARDS!

Resolved hanuchin
(@hanuchin)

10 years, 8 months ago

Hello, i have a site, which is getting hacked again and again and now i dont know, what i can do against.

What i have done, to secure this wordpress installation:
– changed all passwords ( ftp, wordpress )
– wordpress and all plugins are up to date
– all unnecessary plugins have been deleted
– all files and directories, except the theme, are from a fresh wordpress installation -> i removed all files and directories before, so that there is no file, which is not used by the current wordpress version
– all in one security plugin is installed and almost all features are active
– xmlrpc.php removed
– file permission is set to what all in one security plugin recommend

Which hack?
at round about 40 files following php code is added on top of the file:
<?php eval(gzinflate(base64_decode(‘pRn9c9o49ufc….

Which files are getting changed, for example:
/index.php
/wp-settings.php
/wp-content/themes/Avada/framework/views/metaboxes/page_options.php
/wp-content/plugins/wordpress-seo/inc/wpseo-functions.php
/wp-includes/ms-settings.php
…. alot more

after i clean up the files, it takes 2-4 hours and the hack is back again.

I hope, somebody can help me!
Thanks. hanuchin

Viewing 4 replies - 1 through 4 (of 4 total)

gerald@WPcustoms
(@geeman12030)

10 years, 8 months ago

did you download the avada theme from themeforest?
here are some more infos about hacked themes:
[link moderated – keep support on this site]
if you are on a shared host there could be other accounts on that server with vulnerable scripts and an attacker may get into your site over and over again.

Mark Ratledge
(@songdogtech)

10 years, 8 months ago

@hanuchin: Work your way through these resources and follow all instructions to completely clean your site or you may be hacked again. See FAQ: My site was hacked ? WordPress Codex and How to completely clean your hacked wordpress installation and How to find a backdoor in a hacked WordPress and Hardening WordPress ? WordPress Codex.

Change all passwords. Scan your own PC. Use https://sitecheck.sucuri.net/ before and after.

Tell your web host you got hacked; and consider changing to a more secure host: Recommended WordPress Web Hosting

If you can’t do the work yourself, consider looking for a reputable person to fix it correctly on freelancing sites such as Elance. (It’s not a good idea to respond to unsolicited emails from forum users offering to work for you.)

Thread Starter hanuchin
(@hanuchin)

10 years, 8 months ago

hello. after checking all php files inside the theme, i cant update the theme, there was one affected file, which no malware / exploid scanner detected. i cleaned this file and now it seems ok.
thank you for help.

Thread Starter hanuchin
(@hanuchin)

10 years, 8 months ago

resolved

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Google Hack / Redirect to drugstore’ is closed to new replies.

Google Hack / Redirect to drugstore

Tags

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics