Support » Fixing WordPress » quttera plugin + website malware

  • Hi,

    I have 2 problems with one of my wordpress websites:
    – Quttera plugin is not working, whenever i click Scan Now, nothing happens, i have tried removing the plugin and re-installing but all in vain.
    – On every 15th of each new month, all my wordpress websites (almost 40 websites) get infected with malware. I have wordfence installed, sucuri security and also quttera, I clean them all with quttera each month 🙁

    Can someone please help me with my issues pls?

    Regards,
    Matthew

    The page I need help with: [log in to see the link]

Viewing 8 replies - 1 through 8 (of 8 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Forum Moderator & Support Team Volunteer

    >> all my wordpress websites <<

    Are all of these on the same host?

    Re quttera: I recommend asking at https://wordpress.org/support/plugin/quttera-web-malware-scanner/#new-post so the plugin’s / theme’s developers and support community can help you with this.

    Get a fresh cup of coffee, take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

    @sterndata I have a cpanel hosted at godaddy, i suspect that they are doing it on purpose every month.

    let me take some time to read it. I have used sucuri and wordfence but my sites still get infected. i can’t take it anymore, i need to solve it

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Forum Moderator & Support Team Volunteer

    First, contact GoDaddy and have them take a look at your sites; maybe there’s something going on with that server. Then, go through the delousing procedures.

    @dnmmalta regarding plugin scan issue, the scanner scheduler utilize wordpress cronjob mechanism to run malware investigation in background and do not impact website performance. Please verify cronjob mechanism is enabled and running properly on your sites.

    Try to investigate website access logs and correlate attack IPs. If all sites being infected on the same date, you should see the same IP on all sites (all access logs).

    Best Regards,
    Quttera Team.

    @quttera re cronjob mechanism I have now added this code in the wp-config.php but it still doesn’t work:
    define (‘ENABLE_WP_CRON’,true);

    re access logs i will check what plugin i can use

    @sterndata i have contact godaddy a few months ago and they always say that they are not responsible and they try to make me spend more money (that is what they do)

    Let me go through the procedures and see what i can do 🙁

    @quttera I think that I have fixed the scanning issue, all i did was this:
    disabled all plugins and re-activated all of them back, scan worked just afterwards, no idea what could have caused the issue.

    now we have to try to figure out how to block the malware from occuring again on ALL sites. that will be a tricky one

    @dnmmalta, Thank you so much for the update, great to know that scan finally worked for you.

    Regarding ALL sites reinfection, please pay attention if all your websites managed under a single hosting account, (re)infection of one website will lead to (re)infection of all other sites since all sites share the same user/access permissions.

    Thus a single plugin vulnerability in one website can actual lead to reinfection of all sites.

    Please try to go over all website access logs in a range of 36-24 hours before reinfection.

    Best Regards
    Quttera Team.

Viewing 8 replies - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.