Title: HTTP/1.1 500 Internal Server Error after malware attack
Last modified: August 20, 2016

---

# HTTP/1.1 500 Internal Server Error after malware attack

 *  [dota2hook](https://wordpress.org/support/users/dota2hook/)
 * (@dota2hook)
 * [13 years, 3 months ago](https://wordpress.org/support/topic/http11-500-internal-server-error-after-malware-attack-1/)
 * Hello guys, all of my websites (for example: [http://www.Dota2hook.de](http://www.Dota2hook.de)
   and [http://www.wowcast.de](http://www.wowcast.de)) on Bluehost have been hacked/
   attacked and got on many of the .php files bad eval code ([http://pastebin.com/KB1NgqzN](http://pastebin.com/KB1NgqzN)).
   I have been cleaning the crap on Dota2Hook.de website for about 5 hours now, 
   but still no effect.
 * The big Question/Problem is, that even on [http://sitecheck.sucuri.net/scanner/](http://sitecheck.sucuri.net/scanner/)
   they cant tell me what the hell is going on, because the website is ‘blank’. 
   I cannot access the wp-admin or anything else beside cPanel. I tried talking 
   with the Bluehost Support Profis (3-4 different) but nobody had ANY idea what
   is happening.
 * I have tried deleting the plugins folder, but site didnt go up aswell, i think
   i might just try and error delete a lot of the stuff.
 * My htaccess file looks ok as well i think: [http://pastebin.com/HgwU1RYc](http://pastebin.com/HgwU1RYc)
 * I really need your help, im kinda depressed and about to cry :/
 * ps. atm im trying to do something with the ssh, but atm no good results.
    pps.
   I was thinking of trying the sitesecury service, but i am not sure if it will
   make any difference, because in 1 jear i will probably get hacked again. (so 
   maybe someone of you knows any ‘guy’ that works per job?)

Viewing 4 replies - 1 through 4 (of 4 total)

 *  [esmi](https://wordpress.org/support/users/esmi/)
 * (@esmi)
 * [13 years, 3 months ago](https://wordpress.org/support/topic/http11-500-internal-server-error-after-malware-attack-1/#post-3448129)
 * Do you have access to server/site error logs? They might be useful in tracking
   fatal errors down.
 *  Thread Starter [dota2hook](https://wordpress.org/support/users/dota2hook/)
 * (@dota2hook)
 * [13 years, 3 months ago](https://wordpress.org/support/topic/http11-500-internal-server-error-after-malware-attack-1/#post-3448133)
 * Doesnt look that nicely, i can try to get it into another progrem if you sugest
   one. [http://pastebin.com/pgqgwe3x](http://pastebin.com/pgqgwe3x)
 *  Thread Starter [dota2hook](https://wordpress.org/support/users/dota2hook/)
 * (@dota2hook)
 * [13 years, 3 months ago](https://wordpress.org/support/topic/http11-500-internal-server-error-after-malware-attack-1/#post-3448134)
 * The one error on line 192:
 *     ```
       foreach ( $quant as $unit => $mag )
       		if ( doubl// Mysql string Year
       	$mm = substr( $mysqlstring, 8, 2 ); // Mysql string Month
       	$md = substr( $mysqlstring, 5, 2 ); // Mysql string day
       	$day = mktime( 0, 0, 0, $md, $mm, $my ); // The timestamp for mysqlstring day.
       	$weekday = date( 'w', $day ); // The day of the week from the timestamp
       	if ( !is_numeric($start_of_week) )
       ```
   
 * that are lines 190 to 195 and i dont see any problem..
 * PS. On Dota2Hook.de i have been deleting the eval code, and so it doenst come
   back i have made 0444 Permissions. (because i have no idea where the backdoor
   is + i am suspecting bluehost for it)
 *  [esmi](https://wordpress.org/support/users/esmi/)
 * (@esmi)
 * [13 years, 3 months ago](https://wordpress.org/support/topic/http11-500-internal-server-error-after-malware-attack-1/#post-3448137)
 * Try re-uploading all files & folders – **except** the wp-content folder – from
   a **fresh** download of WordPress. Make sure that you delete the old copies of
   files & folder before uploading the new ones.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘HTTP/1.1 500 Internal Server Error after malware attack’ is closed to
new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 4 replies
 * 2 participants
 * Last reply from: [esmi](https://wordpress.org/support/users/esmi/)
 * Last activity: [13 years, 3 months ago](https://wordpress.org/support/topic/http11-500-internal-server-error-after-malware-attack-1/#post-3448137)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics