Author
I am seeking a skilled professional to help me eliminate malware from my WordPress website and a subdomain running Invision Community forum software. The ideal candidate should have experience in website security and be knowledgeable in malware removal.
I am looking for help. My Wordpress website and a forum I am running in a subdomain are being constantly hacked and I don’t know how hackers are doing it every day.
I’ve located hundreds of infected files and removed them. I’ve reinstalled everything, changed WP and Forum’s passwords, changed FTP and CPANEL passwords. And they still manage to hack the website again.
Anyone with experience to fix this issue? I don’t know HOW they are doing it. Until I learn how they do it, it will be impossible to fix this issue :(
The malware or whatever they are using, injects codes in most index.php files of the website.
In WordPress, I’m always using IThemes security and WordFence. Even with those two, the hacker manages to infect the index.php file, wp-config.php and uploads a file starting with a dot like .f3a6d4ce.mo to some folder
in the plugins area, or somewhere else. Wordpress is running the latest version, and so are all plugins.
For the subdomain, I am using Invision Community forum software. The hacker or malware must be the same because the malware behaves exactly the same.
It will infect he main index.php, admin.php, and ALL the index.html files will be renamed to index.html.bak.bak and echoed in a newly created index.php which injects the code as seen below:
@include ("/home/setandforget/academy.webiste.com/system/Poll/.f3a6d4ce.mo”);
I located the . file, deleted it and then
In every folder I will see:
index.php
index.html.bak.bak
Once the malware is active, users won’t be able to upload images or post new topics. The website will generate a 500 error when the submit button is clicked.
I have eliminated all of them, renamed them, changed passwords, FTP, CPANEL but still, they will do it again and again. I need to find out the LEAK and fix it for my websites. I need to know HOW exactly and fix this issue.
Any idea what type of malware/virus this could be and how to fix it? It’s driving me crazy.
Thanks a lot
Posted On: May 25, 2023 06:14 UTC
Category: Information Security
Skills:Malware, Virus Removal, WordPress Malware Removal, Internet Security, Vulnerability Assessment, Network Security
Country: Spain
click to apply
I am looking for help. My Wordpress website and a forum I am running in a subdomain are being constantly hacked and I don’t know how hackers are doing it every day.
I’ve located hundreds of infected files and removed them. I’ve reinstalled everything, changed WP and Forum’s passwords, changed FTP and CPANEL passwords. And they still manage to hack the website again.
Anyone with experience to fix this issue? I don’t know HOW they are doing it. Until I learn how they do it, it will be impossible to fix this issue :(
The malware or whatever they are using, injects codes in most index.php files of the website.
In WordPress, I’m always using IThemes security and WordFence. Even with those two, the hacker manages to infect the index.php file, wp-config.php and uploads a file starting with a dot like .f3a6d4ce.mo to some folder
in the plugins area, or somewhere else. Wordpress is running the latest version, and so are all plugins.
For the subdomain, I am using Invision Community forum software. The hacker or malware must be the same because the malware behaves exactly the same.
It will infect he main index.php, admin.php, and ALL the index.html files will be renamed to index.html.bak.bak and echoed in a newly created index.php which injects the code as seen below:
@include ("/home/setandforget/academy.webiste.com/system/Poll/.f3a6d4ce.mo”);
I located the . file, deleted it and then
In every folder I will see:
index.php
index.html.bak.bak
Once the malware is active, users won’t be able to upload images or post new topics. The website will generate a 500 error when the submit button is clicked.
I have eliminated all of them, renamed them, changed passwords, FTP, CPANEL but still, they will do it again and again. I need to find out the LEAK and fix it for my websites. I need to know HOW exactly and fix this issue.
Any idea what type of malware/virus this could be and how to fix it? It’s driving me crazy.
Thanks a lot
Posted On: May 25, 2023 06:14 UTC
Category: Information Security
Skills:Malware, Virus Removal, WordPress Malware Removal, Internet Security, Vulnerability Assessment, Network Security
Country: Spain
click to apply
