Support » Plugin: Anti-Malware Security and Brute-Force Firewall » Can’t find the backdoor (malware)

  • Resolved kvandelaak


    Everytime I browse to my website. I get redirected to some spam sites. On mobile it gives me an uber popup msg. I found some strings with your app but can’t remove it.

    this is what I see through firefox dev view

    <script async=”async” type=”text/javascript” src=”//″></script>
    <script type=”text/javascript” src=”//″></script>

    On every page this code comes back but no idea where it hides in the WordPress php.

    please help!

    • This topic was modified 2 years, 9 months ago by kvandelaak.
    • This topic was modified 1 year, 11 months ago by Jan Dembowski.

    The page I need help with: [log in to see the link]

Viewing 4 replies - 16 through 19 (of 19 total)
  • gobu check your functions.php files
    the malware script might be written in starting few lines, remove them. then remove feed.php file from wp-include folder which causes some user have the adware, and some not!

    Hey @hayat5050!

    I have nothing weird in the function.php file of my child theme or parent theme :/

    In the meantime, I found that the malware was writing some IPs in a file called wp-feed.php in wp-includes. If the IP is in this list, the user doesn’t get the ad…

    Plugin Author Eli


    Please note that this topic is resolved. The malicious code posted here is already in my definition updates and my plugin will find it and fix it for you.

Viewing 4 replies - 16 through 19 (of 19 total)
  • The topic ‘Can’t find the backdoor (malware)’ is closed to new replies.