iftkhargabol

Wellcome always

Hello hypelist,
I have read your post regarding the compromised website. I have faced this issue earlier and I have applied the following steps for removing all the infected files and made it secure for the future.

Steps:
1 – Restore recent or old backup which is not compromised, if all the backups are compromised/infected then still you have a chance to remove malicious code from all the infected files.
2 – After restoring the backup you will be able to excess the wp dashboard, if not just go to the wp-config from the Cpanel and make error reporting true by adding following code in wp-config ;
define(‘WP_DEBUG’, true);
define(‘WP_DEBUG_LOG’, true);

try to remove the malicious code from the pointed file now ,if you will able to access the dashboard then install “Wordfence Security ” free plugin and scan your website, it will scan and give you file names and malicious code changes. Remove or fix all the listed files by Wordfence Security scan.

3 – backup database and delete the database and DB user completely, make a new database and database user upload DB in it.

4- Put IP restriction in through htaccess for admin login, that only admin from the following IP could open wp-admin page.

5- Consult with some Linux or server expert for putting files permission on the cpanel files.

I hope this could help you.
Thank you.

Hello neptune1,
Could you please send me a screenshot of the error? maybe this is due to the missing some parameters or wrong configuration in the contact form . just send me screenshot of contact form which you are using