disable or remove all plugin , looks like u have installed some maliculous plugin , also scan your website for harmful script.
Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
Hmm I’m not sure why you think there’s a malicious plugin @bukge
@bukge Do you know what tool I can use to scan the scripts?
@andrew I contacted the hosting provider who said there’s a good chance the problem is linked to bad plugin, plus there’s no other reasonable explanation as of yet
Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
Did you download the plugin from WordPress.org? Then there’s little chance that you will have malware. If your hosting providers have anything more than a ‘gut feeling’, can they point to a specific line of code in the plugin’s file causing the issue (assuming they do, otherwise they wouldn’t make this serious point)?
Then can you let us know so that we can explore this?
Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
An explanation would be that you were hacked one time and the website was never fully cleaned up of the hack. Changing passwords will not clean up a hack if you are already hacked. The hacker will leave a backdoor in your site so that they can walk straight back in even if you remove the symptom of the hack.
Most of the plugins I have were downloaded from the internal plugin search (so I assume that’s wordpress.org) and were rated highly too. However, there were also a few plugins installed with the installation of my theme.
Regarding the hack, do you have any suggestions on identifying the backdoor and fixing it?
Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.
