S
S
Sn0wSky2015-01-16 14:17:05
Malware
Sn0wSky, 2015-01-16 14:17:05

Where do viruses come from in WordPress?

I just don’t know what to do anymore, every time I use the latest version from https://ru.wordpress.org/
Of the plugins, only the most popular ones with > 100k downloads and 4-5 stars (ACF, RusToLat, etc.)
Regarding vulnerabilities purely my code - viruses get out even in themes with the most default loops and no frills.
Probyval completely demolish everything to zero. Installed Microsoft Essential, checked everything clean.
The viruses themselves usually replace category.php and add it in different ways - 404.php, Template.php, and the host also sends curses that there are 10-20 more files with malicious code.

Answer the question

In order to leave comments, you need to log in

7 answer(s)
D
Dmitry Belyaev, 2015-01-16
@CuamckuyKot

First of all, check your computer for viruses :-)

N
Nikita, 2015-01-16
@Nivalis

They could also steal FTP passwords.

A
Alexander Evgenievich, 2015-01-16
@banderos120

Look at the logs of POST requests to files. Especially for files with gibberish names, 404.php, index.php. If WP , then look at the JS folders of WP scripts, plugin and theme scripts, uploads, wp-content/languages ​​folders and subfolders. Also, check your computer, as mentioned above. If you have cleaned malicious files, then change FTP passwords and accesses. Install the "All in one WP security" plugin on the WP site, enable file change tracking there, reports will be sent to the mail.
plus here

V
Vladislav 21rpk, 2015-01-16
@vlad7rpk

Scan the site with AI-bolit , check the logs, as Alexander wrote above, update WP, disable plugins and themes if you downloaded them from dubious sources.

E
Eugene, 2015-01-16
@Nellint

Viruses can "throw" you through holes in scripts (plugins). Check them out, update them.
Delete unnecessary ones.

S
Sanes, 2015-01-17
@Sanes

Plugins and themes should be checked. The fact that add-ons are in the top does not mean at all that they are without bookmarks or corny full of holes.

@
@prografika, 2017-04-15
_

Each case is individual, I would also change the passwords to the database. Recently, my clients come for cleaning whose viruses are poured directly into the database.
1. Updated plugins and WP
2. Cleaned up the theme with handles.
3. We dug and looked with our eyes at the code at the root and looked for extra files.
4. We put the captcha and hide all sorts of holes with our hands, if you don’t know how, then try to install the plugin.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question