deelunn2000 0 Posted March 14, 2024 Posted March 14, 2024 Hi There I'm getting this error saying my website has been infected, however I'm doing a scan and I can't find anything with a malware plugin. The website is https://peoplesparksolutions.co.uk/ Can you check for me please? Dee
Administrators Marcos 5,731 Posted March 14, 2024 Administrators Posted March 14, 2024 The website is indeed infected: https://sitecheck.sucuri.net/results/https/peoplesparksolutions.co.uk
deelunn2000 0 Posted March 14, 2024 Author Posted March 14, 2024 Can you tell me how I can clean it please?
Solution deelunn2000 0 Posted March 14, 2024 Author Solution Posted March 14, 2024 Just to add, I ran a scan this morning and found a suspicious file, which I have since removed and the scan is now showing as clean so I don't understand?
Administrators Marcos 5,731 Posted March 14, 2024 Administrators Posted March 14, 2024 I was wrong, the result was from 1 hour ago. After re-scanning it, no threat was found and I'm not getting any alert from ESET while browsing the site either. deelunn2000 1
deelunn2000 0 Posted March 14, 2024 Author Posted March 14, 2024 This is great news, but unfortunately my client (the website owner), is still getting the error message in Edge? I've cleared the cache, is there anything else I can do so the error doesn't appear?
Administrators Marcos 5,731 Posted March 14, 2024 Administrators Posted March 14, 2024 Could you post a screenshot of the error that the user is getting? I can open the site in Edge alright and no AV vendor has blacklisted it either according to VirusTotal. deelunn2000 1
deelunn2000 0 Posted March 14, 2024 Author Posted March 14, 2024 He's just cleared the cache and it appears to be sorted - thank you so much for your help
deelunn2000 0 Posted March 18, 2024 Author Posted March 18, 2024 Hey there The website is infected again - how can I stop this from happening?
Administrators Marcos 5,731 Posted March 18, 2024 Administrators Posted March 18, 2024 wpsec.com reports: WordPress theme in use: Avada Version: 7.7.1 Update to version 7.9.2 https://wpscan.com/vulnerability/6c977bb4-daeb-42ef-b638-f4d323f18d66/ Should it still be getting re-infected, we recommend contacting Sucuri or another website cleaning and monitoring service to help you harden the website against attacks. deelunn2000 1
deelunn2000 0 Posted March 18, 2024 Author Posted March 18, 2024 Thank you! I've updated it there and also noticed a fake administrator user account that shouldn't of been there. Removed them, and changed passwords for all the other users, db and FTP. Hopefully that should stop it 🤞
Most Valued Members Nightowl 206 Posted March 19, 2024 Most Valued Members Posted March 19, 2024 (edited) 20 hours ago, deelunn2000 said: Thank you! I've updated it there and also noticed a fake administrator user account that shouldn't of been there. Removed them, and changed passwords for all the other users, db and FTP. Hopefully that should stop it 🤞 You also need to update your Wordpress and your theme , since the theme is vulnerable , and it's possible to add stuff through logged in admins with that vulnerability according to the link that was posted by Marcos. They will be back since the vulnerability is still there waiting to be exploited again. Edited March 19, 2024 by Nightowl
Recommended Posts