Support » Plugin: Anti-Malware Security and Brute-Force Firewall » Can’t find the backdoor (malware)

  • Resolved kvandelaak

    (@kvandelaak)


    Everytime I browse to my website. I get redirected to some spam sites. On mobile it gives me an uber popup msg. I found some strings with your app but can’t remove it.

    this is what I see through firefox dev view

    <script async=”async” type=”text/javascript” src=”//go.mobisla.com/notice.php?p=628268&interactive=1&pushup=1″></script>
    <script type=”text/javascript” src=”//go.pub2srv.com/apu.php?zoneid=1063894″></script>

    On every page this code comes back but no idea where it hides in the WordPress php.

    please help!

    • This topic was modified 2 years, 9 months ago by kvandelaak.
    • This topic was modified 1 year, 11 months ago by Jan Dembowski.

    The page I need help with: [log in to see the link]

Viewing 4 replies - 16 through 19 (of 19 total)
  • gobu check your functions.php files
    the malware script might be written in starting few lines, remove them. then remove feed.php file from wp-include folder which causes some user have the adware, and some not!

    Hey @hayat5050!

    I have nothing weird in the function.php file of my child theme or parent theme :/

    In the meantime, I found that the malware was writing some IPs in a file called wp-feed.php in wp-includes. If the IP is in this list, the user doesn’t get the ad…

    Plugin Author Eli

    (@scheeeli)

    Please note that this topic is resolved. The malicious code posted here is already in my definition updates and my plugin will find it and fix it for you.

Viewing 4 replies - 16 through 19 (of 19 total)
  • The topic ‘Can’t find the backdoor (malware)’ is closed to new replies.