How to fix unknown malicious cookie stuffing in my WP Site Please Help...

by 10 replies
10
I'm running out of idea's...

Yesterday when I was using the Pingdom site speed tool. It came to my attention that there are some unknown redirects happening when loading my website, check:



The worst part is, it's unnecessarily loading files that are slowing down my site:



Obviously, it must have been some plugin that I previously installed, but now I don't know what to do... There is absolutely no information online about how to combat this, I've checked htaccess files and even searched the whole root directory of my site but still, nothing turns up...

I'm really just hoping someone on here has experience with removing these pests and can maybe help or give me some idea on where to look for this code so I can remove it... Would hugely appreciate it
#programming #cookie #malicious #site #stuffing #unknown
  • Same issue,i am facing also...but i am try to solve this problem...
    • [1] reply
    • I read somewhere that if you replace the wp-admin and wp-includes folders with the original copy it may clear out the malicious code, but it's not guaranteed as this code could be hiding anywhere...

      Also I'm not exactly sure how to do that as hostagator doesn't let you upload folders -_- , the other thing I found was you can pay to get your site cleaned for like 200$ which is hilarious and sad at the same time, cus I'm broke, this website is supposed to make me cash...
  • what i do then:
    1- create a backup of the site with wp clone
    2- download the backup
    3- use fileseek to scan the code for the malicious code
    4- remove the offending code..

    good luck and msg me if you need more help
    • [ 1 ] Thanks
    • [2] replies
    • Thank you Yvon, I will try that and report back to you
    • Thank you for your help Yvon, problem solved...
  • Yvon Boulianne

    Is there not a way to see where the code for this redirect is coming from using dev tools? I tried searching for the url in all files but nothing turns up
  • Did you download a "free premium" theme from an unofficial source? Because this is usally what happens. You have obfuscated code in the theme.

    Put the site on the vanilla WordPress 2017 theme, and test again.
    • [1] reply
    • Thank You!!! You are a genius, so it was the theme... How did you learn about that haha
  • hey there


    This is a very good software that will eleminate bad bugs from your website

    I used the free version and it works well

    Do a google search for "superantispyware"

    down load the free version first and tried it

    You can buy later if you choose to

    ok
    talk soon
    sam f
    • [1] reply
    • HI,
      At first scan your WordPress site by wordfence plugin just to know which files are infected. but do not take action by wordfence. website will be down you can't access. then check those files by cpanel or ftp you can see some scripts that wordfence detected, need to clean those manually from all files. Then you need to replace all wordpress core files. You have to keep these files only ( wp-content, wp-config.php, .htaccess ) . if not fix you can replace fresh wordpress theme. all website post and database will be same. no problem.
      thanks.
  • Banned
    [DELETED]
Join the discussion

Next Topics on Trending Feed