How to fix unknown malicious cookie stuffing in my WP Site Please Help...

by Jason Nicoll

Posted: 7 years ago 10 replies

PROGRAMMING

I'm running out of idea's...

Yesterday when I was using the Pingdom site speed tool. It came to my attention that there are some unknown redirects happening when loading my website, check:

The worst part is, it's unnecessarily loading files that are slowing down my site:

Obviously, it must have been some plugin that I previously installed, but now I don't know what to do... There is absolutely no information online about how to combat this, I've checked htaccess files and even searched the whole root directory of my site but still, nothing turns up...

I'm really just hoping someone on here has experience with removing these pests and can maybe help or give me some idea on where to look for this code so I can remove it... Would hugely appreciate it

#cookie #malicious #site #stuffing #unknown

techugo 7 years ago

Same issue,i am facing also...but i am try to solve this problem...
- Thanks
- 1 reply
Signature

Ankit Singh
Techugo - Top Mobile App Development Company
{{ DiscussionBoard.errors[11153196].message }}
- Jason Nicoll 7 years ago
  
  I read somewhere that if you replace the wp-admin and wp-includes folders with the original copy it may clear out the malicious code, but it's not guaranteed as this code could be hiding anywhere...
  
  Also I'm not exactly sure how to do that as hostagator doesn't let you upload folders -_- , the other thing I found was you can pay to get your site cleaned for like 200$ which is hilarious and sad at the same time, cus I'm broke, this website is supposed to make me cash...
  
  Thanks
  
  {{ DiscussionBoard.errors[11153363].message }}
Yvon Boulianne 7 years ago

what i do then:
1- create a backup of the site with wp clone
2- download the backup
3- use fileseek to scan the code for the malicious code
4- remove the offending code..

good luck and msg me if you need more help
- [ 1 ] Thanks
- 2 replies
Signature

Stop Struggling With Your Website and Marketing
30$ / task, pay after done!
{{ DiscussionBoard.errors[11153541].message }}
- Jason Nicoll 7 years ago
  
  Thank you Yvon, I will try that and report back to you
  
  Thanks
  
  {{ DiscussionBoard.errors[11153554].message }}
- Jason Nicoll 7 years ago
  
  Thank you for your help Yvon, problem solved...
  
  Thanks
  
  {{ DiscussionBoard.errors[11153759].message }}
Jason Nicoll 7 years ago

Yvon Boulianne

Is there not a way to see where the code for this redirect is coming from using dev tools? I tried searching for the url in all files but nothing turns up
- Thanks
{{ DiscussionBoard.errors[11153572].message }}
kpmedia 7 years ago

Did you download a "free premium" theme from an unofficial source? Because this is usally what happens. You have obfuscated code in the theme.

Put the site on the vanilla WordPress 2017 theme, and test again.
- Thanks
- 1 reply
Signature
FAQ: Need a Site5/Arvixe/Hostgator alternative? And who is EIG?
Reviews: Need a good VPS, dedicated server, or unlimited host? (This is NOT a fake "top 10" list!)
{{ DiscussionBoard.errors[11153619].message }}
- Jason Nicoll 7 years ago
  
  Thank You!!! You are a genius, so it was the theme... How did you learn about that haha
  
  Thanks
  
  {{ DiscussionBoard.errors[11153756].message }}
fratt55 7 years ago

hey there

This is a very good software that will eleminate bad bugs from your website

I used the free version and it works well

Do a google search for "superantispyware"

down load the free version first and tried it

You can buy later if you choose to

ok
talk soon
sam f
- Thanks
- 1 reply
Signature
CJFRAZ.BLOGSPOT.COM
CJSYSTEMS.BLOGSPOT.COM
{{ DiscussionBoard.errors[11153939].message }}
- sayfubary 7 years ago
  
  HI,
  At first scan your WordPress site by wordfence plugin just to know which files are infected. but do not take action by wordfence. website will be down you can't access. then check those files by cpanel or ftp you can see some scripts that wordfence detected, need to clean those manually from all files. Then you need to replace all wordpress core files. You have to keep these files only ( wp-content, wp-config.php, .htaccess ) . if not fix you can replace fresh wordpress theme. all website post and database will be same. no problem.
  thanks.
  
  Thanks
  
  {{ DiscussionBoard.errors[11164851].message }}