Wordpress Malware - How do I remove it?

巧了我就是萌 提交于 2019-12-02 08:09:31

问题


Today I went to my wordpress site which is self-hosted and I got a warning in Chrome saying "Attackers currently on keitarotds777.onlinepharmacy24h.net might attempt to install dangerous programmes on your computer that steal or delete your information (for example, photos, passwords, messages and credit cards)."

This problem also occurs on other browsers.

The site is: http://dodgeballaustralia.org.au/

Could anybody advise how I can remove this malware and stop if from happening again?

Thanks!


回答1:


There is no hard and fast rule to defend your WordPress installation against all types of malwares but there are certain basic measures that can be taken to make yourself safer from MOST of the threats like keeping your WordPress core/plugins/themes up-to-date, moving to a better hosting, deleting old unused plugins/themes, installing some security related plugins etc. Go through the official WordPress tips for hardening your WordPress installation for further tips.

Moreover, when it comes to security related plugins, you can use Theme Authenticity Checker OR Exploit Scanner plugins for automatically detecting potential malicious files. You can also try the free scan service of Sucuri. Once you are done with the identification of the corrupted files, you can replace them with their official counterparts which you can get from WordPress.org.

To improve your defense against common threats further, install WordPress File Monitor Plus plugin - as it emails each time some file is changed. This will allow you to quickly revert any changes that some malware/script makes in the future and iThemes Security plugin that provides "30+ ways to secure and protect your WordPress site".

Note: WordPress security is a very broad subject and you will primarily find opinion-based answers from different experts!




回答2:


This is a common problem in non secure worpress sites. Plz check the main files in your host like index.php,Header.php, footer.php, functions.php in all themes may be you can see some codes like this <?php eval(gzuncompress(base64_decode('eNrtfWt72za')) ?>

Manually clean the codes from the file.Site will work fine. After clean up insall wp security plug-ins like file monitor. wordfence security. all in one wp security and monitor the activities properly, add the injection prevention codes in .htaccess files. Block the directory listing in wp and change the file permission from 777 to suitable for your server.




回答3:


As to how to remove this malware: it is very difficult. I had to deal with it, and it infects many of your files. You could grab your data and images from your server, which are not infected; delete everything, reinstall Wordpress, and back your data up.

How to protect yourself? Read a lot about WordPress. Certain versions are victims of exploits, so up/downgrade if there is such trouble. Cheers and good luck with the mess.



来源:https://stackoverflow.com/questions/28668011/wordpress-malware-how-do-i-remove-it

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!