How to create a plugin with automatic update?
I think this plugin might help https://wordpress.org/plugins/gitium/
virus
How to remove click ads from fresh WordPress site? [closed]
WordPress doesn’t include ads of any kind, so there’s no standard process for removing them. Possible reasons you could be seeing ads are: Your host is adding them, possibly as a condition of a cheap/free hosting plan. You installed a pirated theme or plugin that contains malicious code. Your website has been hacked in some … Read more
Is this a backup door?
Is this a backup door?
Malicious script is being appended to my markup. Help? [closed]
See FAQ My site was hacked in Codex, but really unless you are completely confident you can deal with check/cleanup/secure yourself – your only remaining option is to get/hire someone to do that.
Malware in header.php [closed]
Sorry to hear. You may want to look through the steps and suggestions in this WP Answers post: Verifying that I have fully removed a WordPress hack?
Javascript alert appears before tag
I don’t know what happened, but you can locate the script with grep command. I went to /var/www/ and run grep -r “2819371938193817109948281937271937” *
unable to remove malware from wp website [closed]
Over the years, I have developed a process/procedure to recover a hacked site. While backups are good, it’s not always clear that a backup is ‘clean’ and not hacked. My process includes reinstalling all code (WP, plugins, themes) manually (themes/plugins via FTP from known good source, WP via the ‘update again’ on the Update page), … Read more
How to distinguish between a hack and an encoding error?
If you have checked your database entry of the page/article, you will see that it is a issue on Database side, or by any means there was restoring going on because of the crash, that could be an issue or a restoring plugin/script with a bug why a simple character as ‘ gets messed up. … Read more
Decoded malware code [closed]
The malware stores an array of PHP fragments to execute at the bottom of its own file, delimited and encoded using the MD5 hash of the filename. It has a specific GUID to control it; on start up it checks all POST and cookie values for properly-encoded commands: PHP serialized arrays, XORed with both the … Read more
malware undetectable by multiple scans
There are many ways to infect a site – and many ways to hide that infection from the ‘popular’ security plugins. One way to detect malicious code is via a file-hash-compare function. You may need to write your own though (I did, but it’s not perfect). That function would compare each file’s hash with a … Read more