[resolved] [closed] Entire Site Suddenly in Italics (38 posts)

  1. Jay
    Posted 3 years ago #

    @songdogtech thanks and I agree. Thats why I recommended this as a starting point

    I noticed that a lot of you are just simply removing the malicious script in header.php. I would highly recommend you search through all your php files in wp-admin, wp-includes, wp-content and uploads (pretty much all your files). I had found two malicious ones in two different folders.

    @carlanne from my experience, your solution will only temporarily work, the injected script will just return. I am just sharing my experience and telling you that I have found malicious files on two different occasions in the folders I listed above.

  2. egexperiment626
    Posted 3 years ago #

    Thank you for this thread. I ran into the exact issue this morning. Entire site in italics, found out had the payloan code. Removed it and now checking all the other files.

    Thank you for saving me a lot of stress trying to figure out what happened!

  3. esmi
    Forum Moderator
    Posted 3 years ago #

    If anyone who is not hosted with GoDaddy experiences this hack, can they please let us know who they are hosted with.

  4. egexperiment626
    Posted 3 years ago #

    Guess it's not a shock to hear that I use Godaddy, is it?

  5. egexperiment626
    Posted 3 years ago #

    FYI - check your users. I found a new admin user created that I DID NOT make!

    systemwpadmin [at] wordpress.org

  6. craigshelley
    Posted 3 years ago #

    I had the same problem. I'm also on GoDaddy for hosting. Thus far I changed the header to the correct code and it fixed my problem, but as others noted above, I may have other malicious code elsewhere. I don't have any users that are admin that I did not make.

  7. cubecolour
    Posted 3 years ago #

    Craig, please post back on your own topic rather than this one which has already been marked as resolved

  8. Closing this as resolved for GoDaddy. If you're on GoDaddy, follow all the hack repair steps outlined earlier. If you're not on GoDaddy, start a new post with your web host and site details.

Topic Closed

This topic has been closed to new replies.

About this Topic