I inherited a WordPress site for a company. That company submitted adverts to Google which referenced the Website.
Infrequently, Google would reject the advert saying the Website had malicious code on it would reference URLs such as:
https://[pianistrefutationgoose.com]/sfp.js
https://[regulationprivilegescan.top]/advertisers.js
https://[coatsanguine.com]/pixel/pure
The site was submitted to various scanners but I could not find the problem.
Eventually the problem was found because the site encountered an issue and a Wordpress email described the problem.
Since
WordPress 5.2 there is a built-in feature that detects when a plugin or
theme causes a fatal error on your site, and notifies you with this
automated email.
In this case, WordPress caught an error with one of your plugins, Monetization Code plugin.
WordPress version 5.7.2
Current theme: H-Code Child (version 1.1)
Current plugin: Monetization Code plugin (version 1.0)
PHP version 7.3.12
An error of type E_PARSE was caused in line 89 of the file /var/www/wp-content/plugins/mplugin.php. Error message: syntax error, unexpected end of file
The last part indicated the file in question mplugin.php.
You also neeed to check the database.
https://acinonyxweb.agency/cybersecurity/your-website-is-probably-infected-without-your-knowing-it-how-to-detect-and-clean-viruses-from-wordpress/
SELECT * FROM `wp_options` WHERE (CONVERT(`option_name` USING utf8mb4) LIKE '%ad_code%' OR CONVERT(`option_value` USING utf8mb4) LIKE '%ad_code%' OR CONVERT(`autoload` USING utf8mb4) LIKE '%ad_code%') LIMIT 50
The wp-content\plugins\admin_ips.txt file contains a list of administrator IPs - when the Website is called from these IPs the ad code is hidden, to stop you discovering it.
No comments:
Post a Comment