WordPress.org

Forums

Malware WordPress infection, plug-in issue, Sucuri.net? (2 posts)

  1. douglasi
    Member
    Posted 3 years ago #

    I have been dealing with a PHP malware injection into all the WordPress installations on my GoDaddy hosted site. In updating and trying to get rid of outdated WP plugs in, I have one called Sidebar Photoblog. But when I go to delete the plug-in, I get a suspicious page that only looks like a WordPress page, with everything in the left-hand navbar blue and the boxes around them blue against a white page (unlike the regular WP dashboard page). If I try to delete the plug-in from this page, it throws me out of the domain to a 'Problem loading page' warning which includes the address of the Russian site that injected the malware apparently.

    How do I deal with deleting an infected plug in like this? GoDaddy said they'd dealt with the malicious code, but obviously not. In every one of the .htaccess files in every folder on my site there is malicious PHP code from the Russian site.

    Looking like I will have to hire sucuri.net to clean this up. Anyone have experience with them?

    Douglaseye

  2. demetris888
    Member
    Posted 3 years ago #

    You can delete the plugins using FTP and deleting the folder /wp-content/plugins. If the problem persists you can re install WP .

    backup db and files
    delete db and files

    change passwords for ftp,db,cpanel

Topic Closed

This topic has been closed to new replies.

About this Topic