Malware on WordPress pages

  • Resolved daniel10gs

    (@daniel10gs)


    4 weeks ago

    Hi everyone,

    I have multiple websites hosted on One.com that have been infected by what appears to be a malware redirect to: Valid-check-tl-4.azurewebsites.net.

    We’ve tried all the recommended steps from One.com, like updating plugins, etc and also paid and external company which could not find anything, so the issue persists. We also installed Wordfence, and while the scan mainly flagged some outdated plugins, it showed everything else as clean.

    My question is: If I upgrade to Wordfence Premium, could it potentially resolve this issue? Or does anyone have other advice on how to remove this malware redirect from our sites?

    Thanks in advance for any help!

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @daniel10gs, sorry to hear you’ve had some trouble with a potential malware issue.

    Despite having somebody try to clean the site already, you could try following the checklist here:
    https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

    Make sure all of your plugins and themes are up-to-date and make sure WordPress core is on the latest suitable version. As a rule, any time someone thinks their site has been compromized, they should update their passwords for hosting control panel, FTP, WordPress admin users, and database?in order to cover the key access points where somebody could change or upload things on your site. Make sure to do this!

    Additionally you might find the WordPress Malware Removal section in our free Learning Center helpful.

    If you are unable to clean this on your own we do offer a paid service too but are unable to discuss those here on the forums. Please contact presales @ wordfence . com if you’d like to discuss your situation further.

    If you choose to follow our guides yourself, or let someone else take a look, we recommend that you make a?full backup of the site beforehand.

    If you find anything that you feel may help our Threat Intelligence team and the wider WordPress community, it can be possible for known issues to be packaged in a different way to cases seen before by our scans. You can send these to?samples @ wordfence . com?if you do, just make sure to?remove any database credentials or keys/salts?in any files you do send over. Our team can help advise next steps from there.

    Many thanks,
    Peter.

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.