Website has Pop – up, Doesn’t show up in Wordfence scan

  • My website started having these pop ups like “You’re a winner” or something like that, usually the usual scam pop up. I downloaded wordfence hoping that it would help me with it, but with multiple scans, it wasn’t able to find the problem.

    I was hoping for anybody to help me or give me an idea on how to deal with this problem.

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @jedco03, thanks for reaching out.

    I spent some time on your site and also clicked around to different pages but didn’t encounter the popup (or a popup blocked message in my browser) myself. I would double-check a browser different to your default, or a private/incognito browsing window to make sure it isn’t cached or specific problem at your end first.

    Once you’ve confirmed the problem is with the site itself, our detailed site cleaning instructions will help you out: https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

    Make sure that all your plugins and themes are updated, and WordPress core too if it’s not already. As a rule any time somebody thinks their site has been compromized, I also tell them to update their passwords for their hosting control panel, FTP, WordPress admin users, and database in order to cover the key access points. Make sure to do this as Wordfence is an endpoint firewall so runs when PHP runs, so passwords outside of the site itself could be a factor.

    Additionally you might find the WordPress Malware Removal section in our free Learning Center helpful. Wordfence and other providers offer paid services to clean your site for you if you’re still having trouble.

    Many thanks,
    Peter.

    Thread Starter jedco03

    (@jedco03)

    Hello Peter, I’ve already checked and updated all the plugins. All though I ran multiple scans, it didn’t seem to find the script. It is still happening and redirecting us to a malicious website, it happened even with different devices and different networks. Even a customer messaged us about the same reason.

    What I could gather about the threat are:
    1. It does not happen always, it may not redirect now, but it would later. It seems like the hacker doesn’t want to be easily found.
    2. It mostly happens when you search ‘EA Pilipinas’ on google first and then clicking the link. Typing the address doesn’t trigger it always. If it won’t show, try doing it in incognito also.
    3. Its mostly redirects, or this is just the things I encountered.

    I really hope you could help me with this. Thank you for reaching out. Please try and test if you would get the problem based on the things I shared.

    • This reply was modified 3 weeks, 1 day ago by jedco03.
Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.