hosting infected

  • My hosting provider told me that there are infections in my websites within my hosting
    How can I check and find the infected files or just bad files? How to scan?

Viewing 9 replies - 1 through 9 (of 9 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Install the plugin “WordFence” to scan your site.

    Take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

    Hi,
    Wordfence plugin can scan your files for malware. But since your site is already infected, Wordfence can’t do much.

    The best way is to backup your database & wp-content/uploads (make sure you erase all files except image files from the uploads directory before backup). Then install a new copy of WordPress, restore wp-content/uploads & database.

    Tighten file permissions on the server & install and configure any security plugins like Wordfence.

    Adam

    (@adamlachut)

    IMHO that kind of advice does not help too much.
    @ketanco wrote about websites, we do not know how many websites does he has, what kind of etc.
    Secondly, reinstalling WP with same versions of plugins may not help, for example, he may have some plugins in vulnerable versions.
    At third, there are much more things to take care of, like database password: if this password is compromised and if there is phpmyadmin installed and available on this server, someone who knows DB password may easily login to this WP.
    Etc.

    Thread Starter ketanco

    (@ketanco)

    okay so what Achyuth Ajoy said seems like the most straightforward approach and yes from then on i will also follow the avices in the links as Steve suggested and Adam mentioned in their posts.

    In other words, I will just delete the whole thing, only keep my pictures in wp-content/uploads, and then reinstall my wordpress and theme, and upload latest versions of plugins and reset all my passowords. make sense?

    i mean, i will try scanning with wordfence first anyway but this seems like the most straightforward and safest approach right?

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    No. The best approach is to delete and replace from good sources all .php files and look through your posts and pages for malicious javascript. I agree wit adam only in that you should change *all* passwords, for your database and for every user.

    Thread Starter ketanco

    (@ketanco)

    When you said “The best approach is to delete and replace from good sources all .php files and look through your posts and pages for malicious javascript.” it means scanning with wordfence? and what is “good source”?

    sorry if i ask too much

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Good source means downloading and replacing .htaccess and all themes and plugins and the WP code itself, per the link(s) in my original reply. WordFence will help you detect files that don’t belong, but won’t check the database, You’ll need to look at each post/page — in text mode — to look for stuff that doesn’t belong.

    Thread Starter ketanco

    (@ketanco)

    okay yes i was downloading all themes and plugins from wordpress but will reset anyway.
    and i didnt think database would be infected though. i have really good password for that. wordfence will scan just files and folders right? and how do i scan the database?

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    You’ll need to look at each post/page — in text mode — to look for stuff that doesn’t belong.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘hosting infected’ is closed to new replies.