-
Posts
-
Hello Unfortunately I have a “virus” on my side. Only I do not really know how to get it off. I have the impression that this has been introduced with the Einfold Theme. All links on Google which should go to the http://stefan-mauermann.de go to another website: namely on the http://www.passexamonline.com/300-075.html? I have no explanation for that :-( What can I do Thanks for your help.
Good day. I am sorry you are having this problem. I have been using the Enfold environment for quite a long time and it is rather unlikely that Enfold was the root cause of this. The issue you are having looks like a SQL injection attack to me where any content that is supposed to go to your site gets redirected. There are numerous ways this could happen. It is more likely that your server htaccess file has been overwritten thereby redirecting anything trying to come out of your site. You might want to contact your host and have them check for server penetration first. Just my two cents.
Hi stimmungshoch,
If your site has been compromised in some way then I would try what crtdude suggested, though if you want to make absolutely sure that your site is clean then I would turn to professionals like Sucuri.
Best regards,
RikardHello Rikard and crtdude. thanks for feedback. I contact my provider , but he is very slow with feedback. i still wait. Unfortunately, I have no idea what I could do and where I could look. on the wbseite itself I have no problems at the moment. I also changed the password. maybe the page was hacked. I can not imagine it because the password was very special and only I had access. Unfortunately, I am not technically specialized. just a user. Thank you
If a compromise has happened, it was likely not from someone guessing your admin password. When Google crawls your site, it collects information contained in the WP database. This is likely where the issue is. In some cases you won’t even know if just looking at your web site. I know for fact that there are hundreds of China-based bots scanning sites all the time looking for weaknesses. When they find one, they will upload php code and execute it on the server, injecting code into the database to accomplish exactly what you see happen when you go to Google and search for your site. It usually happens with paid Google ad sites but does to others as well.
Long story short – as Rikard suggested, if you’re not a pro at WP and server side admin, check with a pro. I suggest Wordfence, but choose as you wish. There IS an underlying reason for this.
Hi,
Even for someone who works with WordPress full time and is experienced, undoing a hack can be very difficult. If someone approached me wanting help with a hacked site, I would have Sucuri clean it just to be sure it’s done properly. It’s up to you of course, but I would recommend that you have them or a similar company to clean your site.
Best regards,
RikardHi,
After your site is cleaned, you might want to consider to add extra protection to your site. There are plenty of good services around, I can personally recommend SteadyWP. They should be able to help out with cleaning your site as well.
Best regards,
RikardHello, thank you for your help and advice. My provider answered me.
The problem here in the English translation: The last changes to this index file were made via:
Filename: ~ / MF / wp / wp-includes / widgets / class-wp-widget-descri.php
I cleaned the index.html for the first time. All systems are up to date. Here were things that were registered by the hack. Currently I have no problems. The virus servers of the provider are silent.
Best regards StefanStefan, if files were modified as a result of a hack, it is likely the database is loaded with hacked entries as well. You may want to have someone take a copy of your database offline and examine it for entries that could be problematic. The type of rerouting I have seen in the past make mods to your htaccess file as well so have your provider check that too. Just because you don’t have an issue now does not mean you won’t at some future point if you are not completely sure the issue was cleared up in its entirety.
- You must be logged in to reply to this topic.