Malware spotted (4 posts)

  1. feintnate
    Posted 4 years ago #

    I have a few wordpress installs on my shared hosting, all are having javascript injections below the footer. I deleted all core files and reinstalled. No fix.
    I changed the name of the plugins folder essentially disabling all plugins. No fix.
    I loaded a different theme. No fix.

    In looking at the injected code, I find this
    "Index of /wp-includes/js/lib

    Parent Directory

    Apache Server at http://www.dioceseofcabanatuan.com Port 80"

    A search on google for "wordpress http://www.dioceseofcabanatuan.com" shows LOTS of websites with the injection happening ( who probably dont even know it).

    I sent a trouble ticket to my host (bluehost).

    Anyone seen this or know how to get rid of it?

  2. adpawl
    Posted 4 years ago #

  3. feintnate
    Posted 4 years ago #

    I have gone through many different routes to look for the injected code within the site itself. Because it effects almost all the wordpress installs on my server, I am thinking it is at the root level somewhere at Bluehost. Still interested if anyone else has seen this.


  4. adpawl
    Posted 4 years ago #

    Just break the security of only one page, and whole account is compromised.
    Infection all other pages, even the super-safe is not a problem.

Topic Closed

This topic has been closed to new replies.

About this Topic