Dangerous WordPress Malware : 

A spammer or hacker always try to hack WordPress website or raw PHP website, it's not only those two type website. It could be any type of website. Because a hacker always tries to attack week point into the website. So who developer developed this website and unfortunate keep the security whole into the website it will help for hacker and it could be hacked by the hacker and they could put some malware into this website. The hacker put some shell and try to upload more file like some PHP or python script to execute root permission or brute force to hack cpanel but a hacker anything can do with cpanel if they had successfully uploaded PHP, python, XML shell. Few servers do not accept those file for security reason. But some server accept easily when they can identify the website have some malware then they will generate an email that this server has some malware please take action otherwise your plane will suspend. The message was look like that. some website owner are not check their message continue. That's why they don't know what was problem and they can see only, already hosting plane suspended.They want to contact with hosting provider they are throw a offer that if you want to remove malware you have to pay 300 USD per year.But i am remove the malware from your website only for 20 dollar for each website.

First Step:
If you have malware on the site, you need to backup the site before removing the malware. There are 2 ways to get backup to the WordPress site. The first one is manually backup from Cpanel and the second one is through the plugin. 
 Manually Backup
  • Go to ----> cpanel -> public_html ->  (wp content, htaccess & wp-config file zip) These 3 files need to be zipped and downloaded.

Open the ----> wp-config file and search there DB_NAME. Copy this database name and goto phpmyadmin.


You will find the option to switch from cPanel to PhpMyAdmin.


Then In the phpmyadmin Panel, search by database name. See there my database name was wordpress”. Now I am searching for my database name and click to export database.


Click to go and download the database



Manually backup is complete. You will backup your wordpress site through (updraftplus & all in one wp migration) this plugin. It’s simple, just active one plugin and click to backup site.

Second Step:

Goto Cpanel ----> All files should be deleted except these 3 files (wp config, htaccess and wp content). Then download the WordPress Fresh file from here (https://wordpress.org/download/) and replace the files that have been deleted from cPanel.This means that you can upload all files to cPanel, Exclude the (wp config, htaccess and wp content) this file from your downloaded fresh file.


3rd step:
Reinstall Plugins : Reinstall all your plugins from the WordPress repository or fresh downloads from the premium plugin developer.

Reinstall Themes : Reinstall your theme from a fresh download. Do not upload your old theme, as you may not recognize which files have been hacked.


4th Step:
Activate wordfence plugin and scan your website. If your site is hacked, wordfence will show you many malware files.



See this screenshot. There are Filename: wp-content\themes\astra\index.php. Now It needs to clean the malware script for this location.



This way we have to remove the malware from every file. When the removal of malware from all files is finished then it will be scanned again with wordfence. Hope you understand. 

Final & Advanced Step:
Many times malware files on wordfence do not show scan results. In this case you have to go to cPanel. Each file should be monitored. There are 2 ways to detect malware files. You will see the modified date of each file. Some malware files will have filenames with unknown names.And some malware scripts may contain the theme and plugin's index file.You have to manually check every file. Open the file that you suspect and search by eval. If eval word is stay your file that means this file is infected with malware. See those screenshots.

 



This screenshot is malware website.



This screenshot is without malware.



Author : Neasher Ahmed
DONE. Have A Good Day.
=============================================



bacic.pro deloq.site How safe my server How to clean malware from webserver How to remove malware How to remove wordpress malware How to secure website from hacker tityx.com

Remove Dangerous WordPress Malware from Your Website

What is Malware ?


 Malware is just like a script or unusual tools. It's always harm your website or server and your device. It used for thief your Data or information and money. It's continue made by some Black Hat Hacker to earn money to Black way or Intentionally on someone. but i would like discuss about malware but it's adware but it auto generate from the Malware in web server.


I am Shamim. I am working with cyber security in cyber world. I have an account Fiverr and Upwork I have been solved lot's of web server malware problem. But I am recently face an unique malware issue for Hostgator server. The server has continue generate some adware code into JavaScript and PHP file. That's way your server all of website redirected into a spam and malware website.



Redirected website Below





How to worked ?


The malware load into index.php file using header file by Javascript CharCode. The code continue generate as randomly CharCode. Also the link create infinity loop. When any one load the JavaScript file it will create an set cookie and set cookie value is randomly added.










How to Solved ?


  • Please check all of Javascript file and removed all of the Malware code.



  • Check all header.php file or Header file and you have to removed  malware link according to image below 
bacic.pro deloq.site How to clean malware from webserver How to remove malware How to remove wordpress malware tityx.com

How to Remove malware from Wordpress || deloq.site, tityx.com and bacic.pro Malware

Subscribe to: Posts (Atom)