These compromises typically take advantage of weaknesses in the code that your site is constructed with, not the code that the server itself uses.
These weaknesses can be found in themes, plugins or modules you have installed. If you are using an out of date version of WordPress the base install may also be vulnerable.
These types of malicious files can be used to attack other servers, steal data from your website database, install malware on your visitor’s machines and then eventually cause you to be blacklisted by google, preventing organic search traffic reaching your domain.
In order to fix this and restore your site please follow these steps
Please note: You are not able to simply replace your site files with a recent backup. The backup may still contain the malicious software and at the very least it will almost certainly contain the original exploit used to gain access.
[list]
[*]Check your WordPress database for unauthorised admin users (we can help with this)
[*]Download a copy of your site, but keep it separate from your clean backups.
[*]Delete all files from your hosting package.
[*]Install a clean fresh copy of WordPress using our one click installer or a direct download from Wordpress website.
[*]Re-attach your new files to your old database by editing wp-config.php
[*]Download and install the latest version of all plugins and themes needed for your site.
[*]Install the free plugin WordFence, this will help you protect your site from future attacks but it is not by any means a complete solution
(Please avoid downloading any pirate copies of themes or plugins, or software from not from the original developers official. Unauthorised versions or unlicensed versions are often provided pre-hacked)
A good option to use to keep your site updated and free of known vulnerable plugins can be found
here
Once you have completed these steps and are happy the site is clean and secure, please let us know on a ticket and we will complete a check to see if the site is secure.
