wp-login unauthorized iframe recaptcha redirect prevents login

  • Resolved twolanz

    (@twolanz)


    6 years, 8 months ago

    I have an iframe redirect in my wp-login page that I did not install. I talked with my host. They assured me that they did not install the iframe link on the page either.

    When I scan my wp-login page with isithacked I get this:

    <iframe src=”https://www.google.com/recaptcha/api/noscript?k=6LdLwd8SAAAAALft5whK9ZfINkT6vmTdF4iWgt5t&#8221; height=”300″ width=”500″ frameborder=”0″></iframe>

    That code doesn’t appear in the wp-login text file. How do I delete this iframe code?

    I can FTP into the site, but even if I disable all of my plugins, the wp-login page iframe page link still redirects.

    Wordfence latest version is installed, but I can’t log in to access it. Any suggestions?

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi @twolanz

    I’ve checked your login page now and this is what I got:
    https://snag.gy/nFoc8L.jpg

    So, this is definitely something you need to report to your web host as it was mentioned that “your host has introduced a captcha image”. If they didn’t recognize that, then most probably your site was hacked on the server level and I recommend hiring a professional security analyst to clean your site in this case.

    Thanks.

    Thread Starter twolanz

    (@twolanz)

    2018-06-27 PROBLEM RESOLVED!

    In my public.html/subdirectoryname there was a php.ini file that contained a single line of code. That single line of code was calling a specific file in the WP-LC directory. I was instructed to append a “;” to the front of the line to comment out the offending code. Problem solved. Thanks, Wordfence!

    @wfalaa Thanks for your comment. My host wasn’t able to solve the problem. However, the fine people at WORDFENCE took one look, determined the problem immediately, and had a very simple solution that worked. I am so happy. ??

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘wp-login unauthorized iframe recaptcha redirect prevents login’ is closed to new replies.