WordPress Malware Attacks

Wordpress LogoOver the past several weeks WordPress has been attacked on several hosting providers.  Recent attacks alters files within WordPress that redirects visitors from your site to a malware site.

Sucuri Security has posted instructions on how to remove the infected code from your WordPress site.  The instructions to remove the infected code is as follows:

NOTE:  If you are running any caching applications on your WordPress installation, it will be necessary to flush all cache.

If your site is not getting cleanup after you run it (or you are getting extra empty lines on the top of your files), it means that the script didn’t finish to run properly.

  • Try running it again. It it doesn’t help, upload it to some sub directories (like wp-admin, wp-content and wp-includes) and run directly from there. For example:
    • http://yoursite.com/wp-admin/wordpress-fix.php
    • http://yoursite.com/wp-content/wordpress-fix.php , etc.

Leave a Reply

Your email address will not be published. Required fields are marked *


Subscribe without commenting