• Time after time, a malware code appears in some files on server that makes Google to point to another website. I find code and delete it but after few days, it appears again in another file.
    I change file permissions for importent files to 444 but no big problem for hackers. They change it to 644 and inject code again.
    Everything is up to date and I tried to substitute all plugins with clean versions. Passwords are strong and I change it periodicly> I think there is no ghost administrators.
    Using Wordfence plugin. It finds attacked files but can`t resolve cause.
    Here is a code injected in index.php

    https://codeshare.io/2K9jEX

    Does anyone know about this malware and how to prevent Google to do it`s instructions ?

    Thank you

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    You need to replace files — scans won’t do it all.

    Get a fresh cup of coffee, take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

    Most likely you either have some additional payload/backdoor that allows for repeated infection or some of the plugins or theme used have security issue.

    Also rewrite all WordPress files, just to be sure.

    Поздрав за Вра?е. ??

    If the redirection continues to come back even after replacing WordPress files as suggested by @sinip and @sterndata it may be time to rebuild the website from the ground up.

    Once you find a solution please tag the thread as resolved.

    Thread Starter icxxris

    (@icxxris)

    Thanks all for response.
    It seems I have to rebuild everything from the ground up. But is there a way to scan my theme for malware ? It`s not purchesed from original repository. I have tried Aibolit-for-windows but it always find something suspicious in almost every code ?? I think its a lot of false positives.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Website redirects to another website’ is closed to new replies.