Psychogamer

Ok one last update in order to close this post

I finally managed to clean my cracked site.
I will write down what i did in case someone else in the future has the same problem.

First of all, dear visitor who have the same problem as i did (read the rest of the posts)…..stay calm. Panicking never,ever solved anything.
Take a few breaths, go for a walk and then come back and start reading again. I know it is scary and hard but you have to calm down.

I had to deal with a spam link, redirecting to other spammy links and my domain was used for that.

First step is to stop being naive that you do not need anykind of site security because your internet provider is gonna cover that part. Think again. You are in this cituation because of that way of thinking.

Get a notebook beside you and start writting down everything you are doing, TRUST ME on this it will come very handy in the future.

Change all the passwords in everywhere (wordpress login, isp c-panel, database, ftp, email ) everything that is involved with your site.
use strong complicated long passwords…..and write them down

Get rid off immediately any unsed themes and plugins. Do NOT fall in the mindset trap of thinking you will need them in the future. Get them when you will actually need them.

Update everything in your wordpress installation something you should never neglect.

Now go and save all the files and database from the control panel of your internet provider ( ISP). A cracked copy of your site is much better than nothing.

Next you need to educate yourself. You need to learn what you are dealing with. Scan your site with :

unmaskparacites.com
sucuri.com
virustotal.com
sitescanners.com

some will say your site is clean some will give results. Take whatever u can without complaining.

Then follow the links Wpyogi has posted above, and read until your eyes pop out of their sockets, actually do not read…..study every phrase written in those page, suck all the knowledge. Ignorant people will always have problems so you have to stop being ignorant like i was.

Contact the customer service of your ISP and tell them with detail what is going on. I am fortunate enough cause the c. service of my ISP is kick ass. And they helped me alot scanning my site and telling where the infection was. So i would clean it up.

Install security plugins to your wordpress installment. Firewall and antivirus are a must. There are plenty of them available. At some point i got overwhelmed by the options i had, so in order not to get crazy over it i chose the best recommended by other wordpress users and i installed them all, one by one of course because more than one security plugin doing the same thing will break your site even further. So install them one by one and scan your files until u find and remove the infection.

everytime you have some favorable results, make a new save on a seperate folder of your site files and database I understand its a pain in the ass but if something goes wrong and you have to replace those files now u have multiple options. If your complaining over this remember the cituation you are in.

Scan again your site with the scanners above and check constantly how your site looks and if it was improved. If your internet provider is helping you, update him everytime you have good results.

I do hope you are keeping notes, by now you sould have plenty of pages written down.

So the most work i had to do was study the links wpyogi gave me, where of course those links gave birth to dozens more,
then install one by one the security plugins i thought they would help me (i used 8) , messing around with their settings, scanning the site, save the site files and database, keep contact with my isp c. service………rinse and repeate until one day my site was clean like a bathed little baby.

If you managed to clean your site do the following

play your favorite song and start dancing cause if you did everything by yourself (and if you did what i did…that was a lot of work, it took me 2 weeks) you deserve it.

Make copies of your clean site files and database in 2-3 different locations and update thsose saves everytime you make changes to them.

That was a big and valuable lesson to me and i sure did learned alot the hard way.
One of the things i learned was that internet providers only protect their customers against server attacks and the security of the website is our responsibility. of course they will always try to sell a super duper security product but i do have doubts whose fault was in the first place for the infection since i had everything updated, had strong passwords in everything associated with my site, my pc was clean and i used sftp for my uploads). Anyways everything turned out well, i hope i ll never have to go through something like that again cause it was one of the most time consuming things i have ever done since i started with wordpress.

Thank you everyone for the help.

Thats it…i hope this post will help someone in the future.

the admin of this site https://www.modemotiondesign.com

if u put https://www.psychosgamers.com at the check box of unmaskparacites.com

u will see his website as one of the external links, a website i have nothing to do with

so should i contact him tell him whats going on? maybe he is responsible maybe is not.

ok here is what i have found so far

internet providers do not gurantee any protection apart from a basic one, if a user wants a secure website he/she has to pay for it
i was really naive that i didnt need antivirus/firewall for my website

the unmask parasites is amazing
https://www.unmaskparasites.com/security-report/
check the link to see what was revealed
do u see at the External References section the cultprit?
https://www.modemotiondesign.com (should i contact the admin?)
then scroll down to the additional tests section and click reveal hidden spam links and see all the beauty…..what is all this crap?

i have done some of the suggested actions mentioned byt he links u provided wpyogi

should i contact the admin of the website above i have already written an email and its waiting to be sent.

i do not want to proceed in an aggressive action by deleting everything and uploading them again as one of the solutions was.

what do u advise me to do

a suspision becomes a probability…..thats really frustrating

i guess i have some reading to do

thank u for the info and your help

i ll get to it and i ll post the results

sorry for the laste reply i had to deal with some issues here.

thank u for replying webmistress

i downloaded the .htaccess, opened it but i didnt find anything resembling my problem….any ideas?