Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
K
K
Konstantin2015-02-26 17:10:04
Computer networks
Konstantin, 2015-02-26 17:10:04

How to find out where the worm is registered in WP?

A worm has wound up on the hosting, which, when entering sites from mobile, replaces the URL and gives out the wrong sites that you need.
Previously, almost all sites were in html, now I have put some on wordpress. But two months later, the worm began to replace the address from the mobile on this site as well. How to calculate where he registered?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

6 answer(s)
Report
M
Maxim Grechushnikov, 2015-02-26
@maxyc_webber

check
1. pattern. first of all futur.
2. plugins.
nowhere else

Report
C
Chvalov, 2015-02-26
@Chvalov

Change passwords from billing and from FTP
Perhaps there is a shell on the site, or a hole through which you filled this muck.
Look at the .htaccess file and template files.
Since mobile forwarding can only be done by User-Agent (The most common way).
Also, AI-Bolit would not hurt you
And if possible, give a link to the site
And yet, does it replace everyone or just you?

Report
N
Nastya Sukharik, 2015-02-26
@nastya_cyxarik

on one site there was such a trouble, check your computer, check ftp, then look for the script in the template, I had it in the header. You can find it with firebug first.

Report
E
Elena, 2015-02-26
@Nidora

Change passwords for everything - it's for anyone.
Well, you need to find the worm through Total Commander. Wordpress is such a CMS that has a lot of vulnerabilities due to plugins. Maybe check the plugins.

Report
A
Alexander Evgenievich, 2015-02-27
@banderos120

This virus sits in HTACCESS, or rather not itself, but the result of activity. The virus itself is most likely in the 404.php files and in the languages ​​folder. Look at my previous answers, there are solutions on how to deal with this.

Report
K
Konstantin, 2015-03-02
@stilet_designer

Thanks for answers. How to search for worms through the total? Haven't seen anything like it.
Here is the HTACCESS
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

Similar questions
S
Stanislav Grigoriev2018-12-28 19:11:04
How to set several different buttons to open one tab? 3Reply
W
wolf-98302014-03-29 21:35:00
How to change image coordinates in javascript? 1Reply
A
Artyom Tsymbalyuk2016-05-23 00:10:56
Is there a service for buying a number for forwarding to another? 2Reply
N
Nikolai Ivanchenko2016-05-24 08:01:14
Will it be possible to set up Voip phones? 2Reply
P
Parovo22014-04-02 01:25:53
Same origin policy - how to figure it out? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question