Support » Plugin: Easy WP SMTP » How to fix infected site

  • chrisdavisberry

    (@chrisdavisberry)


    So the complete list to recover the infected website:

    1. Edit the site_url via the wp-options database (this should let you back into the site)
    2. Access site backend (dashboard) and remove false admin account
    3. Go to settings, general and check “New User Default Role” has not been changed from your normal settings… usually Subscriber, or Customer on stores.
    4. Update to the latest version of the Easy WP SMTP plugin
    5. Change your database password (in wp-config) and any other insecure content an admin could see.
    6. Run a full (High Sensitivity) scan on the site (via Wordfence plugin) and follow all the suggestions of that scan. You need to select the High Sensitivity option in the “Scan options and Scheduling” of Wordfence.

    Alternative, If you have a site backup

    If your site has malicious files or code and you have a backup dating back before the infection….

    When you check your site files you can see when these files were altered. You can also usually see the time the admin user was added to your account.

    Instead of cleaning files one by one if you have a backup available from before this time or date then i strongly recommend installing that backup to replace the current site – ideally from a few days before if your site has not changed much in that time.

    Its a much quicker process… but remember to update the plugin to 1.3.9.1 on this backed up version and follow the other steps outlined.

    Again, hope that helps.

Viewing 1 replies (of 1 total)
  • Plugin Support mbrsolution

    (@mbrsolution)

    We apologize for any inconvenience. The developers patched the vulnerability the moment it was reported by releasing version 1.3.9.1.

    The vulnerability was introduced in version 1.3.9 when the following features were added?

    1.3.9

    Added Export\Import settings functionality.
    Added option to delete all settings and deactivate plugin.

    Thank you for sharing your steps, which I am sure will help others. Also one of WordPress moderators published a solution if your site has been hacked. Please refer to the following forum post.

    Also thank you very much for your 3 star rating. That is very kind of you.

    Warm regards

Viewing 1 replies (of 1 total)
  • The topic ‘How to fix infected site’ is closed to new replies.