How to prevent bot or someone to modify any file automatically?

I’m not a security expert, but the code you include in your question roughly does this:

  1. Check if the request is not for a static page (it can’t insert anything in that)
  2. Check if the request is not from scraper bots Ahrefsbot and MJ12bot.
  3. If both checks are passed make a connection with the server at wpadminadmi.com (this happens on the line that starts with $ch = curl_init)
  4. Retrieve some code from that site.
  5. Include that code ($data) in your site.

So, your site has been hacked and you are probably distributing malware from your site to the devices of your visitors.

Your question does not include any hints as where the malware might be hiding in your own site. What you see is not the malware itself, but another piece of malware it generates.

The root problem may be anywhere, ranging from a compromised ftp-account to a malicious plugin/theme. Your best option is to wipe the site and install a backup. If you don’t have any, you’ll have to go through the motions.

Related Posts:

  1. How can I safely hide the fact that my website runs on WordPress? [closed]
  2. How to stop repeated hack on header.php of custom theme? [closed]
  3. Verifying that I have fully removed a WordPress hack?
  4. If a hacker changed the blog_charset to UTF-7 does that make WordPress vulnerable to further attacks?
  5. Tips for finding SPAM links injected into the_content
  6. brute force attack even though it is limited by IP
  7. What should I do about hacked server?
  8. How can I find security hole in my wordpress site?
  9. Why was my blog post inserted lot’s of ad links by others?
  10. wp-config.php modified?
  11. Security issues with WP sites
  12. Suspicious Files
  13. How to prevent wp-login brute force attack from thousand of different IP? [duplicate]
  14. Malware script in database post table only? [closed]
  15. Verifying that I have fully removed a WordPress hack?
  16. My WordPress Websites are always under attack
  17. How to find exploited wordpress plugin [closed]
  18. Any known bugs that could cause disappearance of the wp_users table?
  19. On new server, site got hacked, permissions a bit strange? Please help
  20. malware undetectable by multiple scans
  21. Replace domain in database
  22. wordpress admin security
  23. Remove hacked code – out of ideas! [closed]
  24. WordPress Database Re-installed (Hacked)
  25. Verifying that I have fully removed a WordPress hack?
  26. Could a user account with a stolen password compromised entire WP site?
  27. how to find the way they hacked my WP site
  28. Is my WP site being hacked?
  29. Should WordPress Add Options to Enhance Security or Leave it to plugin developers? [closed]
  30. WordPress Hacks/Defacing [closed]
  31. What’s the best approach for generating a new API key?
  32. Simplest two-way encryption using PHP
  33. How does the SQL injection from the “Bobby Tables” XKCD comic work?
  34. how fix “this certificate cannot be verified up to a trusted certification authority”
  35. How can bcrypt have built-in salts?
  36. Getting a List of Currently Available Roles on a WordPress Site?
  37. How safe / sanitized is wp_insert_posts()?
  38. From a security standpoint, should bloginfo() or get_bloginfo() be escaped?
  39. Why are passwords exportable as plain text in WordPress?
  40. Is there a way to force ssl on certain pages
  41. What is the purpose of having a token in cookies?
  42. How is password strength calculated?
  43. Regular security checks – what steps should be included?
  44. What are the pros and cons of using a custom front-end to retrieve content from a WordPress back-end
  45. Do Cookies Need to be Sanatized Before Being Saved?
  46. Disable external access to REST API Endpoint
  47. What is the wp-includes/certificates/ca-bundle.crt used for?
  48. Do you need to escape hard coded plain text?
  49. Encrypt emails?
  50. WordPress salts set in config and database
  51. Disallow file edit not preventing plugin install
  52. How to secure WordPress XMLRPC?
  53. Websites defaced by uploading script using theme editor
  54. Does WP show me if I’m logged in from multiple locations?
  55. Has anyone experience w/ WordPress (MultiSite) hidden users (possibly hacked)?
  56. HTTP Security Headers in wp-config
  57. Staging Site: Made Public – Security Questions
  58. Best Way to Enable Two Step Authentication
  59. How to allow internal links using wp_kses filtration
  60. hSite has no css on mobile [closed]
  61. Securing a multi-user permission structure
  62. Is default functions like update_post_meta safe to use user inputs?
  63. No option “I would like my site to be private, visible only to users I choose” in Privacy Settings
  64. Securing wp-config leads to sensitive information leak on wp-settings
  65. What’s the point of forbidding access to wp-config.php?
  66. wp-json and what data does it give away?
  67. Is is necessary to use security plugin for wordpress? [closed]
  68. neccessary?
  69. my wordpress website is suspended [closed]
  70. iTheme Security always lockout my account [closed]
  71. Is it sensible to worry about sanitizing admin input in plugin custom CSS?
  72. WordPress Front end Form – Enable to Submit PHP Codes
  73. Is it safe use wp_editor in public contact form
  74. Is WordPress MultiSite secure & how much can it scale? [closed]
  75. How safe is current_user_can()?
  76. Is it safe to give wordpress directories ownership to www-data?
  77. Troll the hackers by redirecting them
  78. Do we need to escape data that we receive from theme options?
  79. Why does WordPress change a file’s permissions?
  80. Side effects of disallowing *.php requests in production environment?
  81. Outgoing new connection to linked Websites – why?
  82. My Site keeps crashing due to the wp-confg file being deleted
  83. Someone keeps changing my SITEURL (mysql injection or xss?) [closed]
  84. Admin user lacks admin permissions after hack and can’t reinstate
  85. What highest security brake with wordpress and static files?
  86. Spam in WordPress root folder
  87. Can WordPress admin user + database credentials be used to gain Cpanel or FTP access?
  88. Cannot access wp admin of WordPress website (security plugin issue) [closed]
  89. Why are the latest visits to my website originating from my own website?
  90. How do I hide WordPress users from security scanning?
  91. Background Updates Not Happening
  92. wp-config.php file and code injection
  93. FORCE_SSL_ADMIN affecting subdomains
  94. What is the best security $_POST method?
  95. My WP site and password was hacked, what to do? [closed]
  96. Directory to store secure file
  97. How can I give someone server access to only duplicate and modify a site?
  98. How can I implement ansible with per-host passwords, securely?
  99. Can you alter the default wordpress strong password requirements?
  100. how to sanitizing $_POST with the correct way?