Answer the question
In order to leave comments, you need to log in
An unknown file is being connected. How to get rid?
Hello. For a week or even more, I notice that some third-party js file is connected to the head of the site . It is not registered anywhere in the theme functions, but it is in the header.php file. But even after deleting the line, after some time it reappears (with a different domain).
The behavior of the site (at least for me) is not affected in any way. However, some users have addressed the problem of unavailability. When visiting them, they just redirected to another site, and some of them got this warning:
What can cause this file to be connected and how to get rid of it once and for all? I would be grateful for any help or thoughts about this case.
Answer the question
In order to leave comments, you need to log in
Install the latest updates on WordPress and plugins for it, change passwords on the admin panel. You are automatically broken.
Isn't that browser dependent? Use wget to request the page and see what's there.
I think if you disable writing in header.php to unprivileged (and in general, sort out the rights) users like nobody, and www, then the problem will disappear.
Look for the backdoor, this article will help in scripts , change all passwords (ftp, admin, etc.) and monitor the patient.
In general, you need to update everything and look for the rest of the backdoor. A more complicated option is to look at which plugins, which holes are in them, which of the plugins are outdated and need to be replaced. In general, there are at least a dime a dozen methods, you need to look at each specific case.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question