1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to get rid of malware injections ?

Discussion in 'Blogging' started by cyrsss, Apr 20, 2012.

  1. cyrsss

    cyrsss Regular Member

    Joined:
    Jul 10, 2010
    Messages:
    396
    Likes Received:
    64
    Occupation:
    SEO Analyst
    Location:
    SKY
    We have more then 100 wordpress websites host on hostmonster but problem is iframe injection.Everytime I remove injection it will come again directly hit .htaccess file.Please any body have idea how i protect my websites through that shit ???



    Sorry Moderator if it is not proper category for this thread!!!!
     
  2. roster67

    roster67 Registered Member

    Joined:
    Mar 27, 2012
    Messages:
    69
    Likes Received:
    10
    Upgrade wordpress to lastest version if not already done.
     
  3. asdrubale

    asdrubale Newbie

    Joined:
    Mar 28, 2012
    Messages:
    15
    Likes Received:
    1
    have you set a secure permission for the directories? 755 for directory, 644 for files, 600 wp-config.php.
     
  4. cyrsss

    cyrsss Regular Member

    Joined:
    Jul 10, 2010
    Messages:
    396
    Likes Received:
    64
    Occupation:
    SEO Analyst
    Location:
    SKY
    Already done but no luck
    All above permission settings are same in hosting

    More this malware made me stuck
     
    Last edited: Apr 21, 2012
  5. asdrubale

    asdrubale Newbie

    Joined:
    Mar 28, 2012
    Messages:
    15
    Likes Received:
    1
    probably it is a wordpress exploit.. can anyone tell us what exploit is?
     
  6. seomusic

    seomusic Regular Member

    Joined:
    May 25, 2010
    Messages:
    376
    Likes Received:
    56
    just update your WordPress then everything will be fine...
     
  7. seomusic

    seomusic Regular Member

    Joined:
    May 25, 2010
    Messages:
    376
    Likes Received:
    56
    that's really a big works to do.. that's why my hosting provider always told me to update ..
     
  8. asdrubale

    asdrubale Newbie

    Joined:
    Mar 28, 2012
    Messages:
    15
    Likes Received:
    1
    have you tried to use exploit scanner plugin?
     
  9. roster67

    roster67 Registered Member

    Joined:
    Mar 27, 2012
    Messages:
    69
    Likes Received:
    10
    Change your password for ftp access to your server.
    Russians like to play with filezila if its your ftp solution.
     
  10. cyrsss

    cyrsss Regular Member

    Joined:
    Jul 10, 2010
    Messages:
    396
    Likes Received:
    64
    Occupation:
    SEO Analyst
    Location:
    SKY
    Yeah i already updated to latest version but this malware is some what of different nature it directly hit httaccess files of 100+ websites so Whenever I update website this malware come again :( .In a mean time i manually move to another hosting 1 by 1 its crap work. Any body Please Confirm me Is hostgator is secure from these iframe malware attack ?
     
  11. asdrubale

    asdrubale Newbie

    Joined:
    Mar 28, 2012
    Messages:
    15
    Likes Received:
    1
    I don't think so... I had the same problems times ago, and I used hostgator..
     
  12. Slucide

    Slucide Newbie

    Joined:
    Mar 10, 2010
    Messages:
    36
    Likes Received:
    3
    Occupation:
    Student
    Location:
    in my small 50m² apartement
    Try also the BulletProof Security plugin, it protects your .htaccess file from exploits and generally from changes.
     
  13. blackhit

    blackhit Super Moderator Staff Member Jr. VIP Premium Member

    Joined:
    Jan 28, 2008
    Messages:
    2,403
    Likes Received:
    4,255
    Location:
    Dark Side Of The Moon
    Moved to Blogging...
     
  14. woodraz

    woodraz Regular Member

    Joined:
    Dec 3, 2010
    Messages:
    302
    Likes Received:
    70
    Use wordpress firewall plugin...
     
  15. JohnMalekin

    JohnMalekin Registered Member

    Joined:
    Mar 25, 2012
    Messages:
    72
    Likes Received:
    36
    Occupation:
    SEO, Web design, Graphics design, programming
    Location:
    Internet
    Make the .htacces file without writing permission (440 i think) directly from cpanel and make sure it's clean. Also do that for your main index.php and the index.php inside your template. They don't need to be written and make sure they are clean. You shouldn't have problems after this.

    And yes, don't install nulled templates and plugins because almost all of them are infected.

    Cheers,
    John
     
  16. zmoney

    zmoney Senior Member

    Joined:
    Apr 19, 2011
    Messages:
    814
    Likes Received:
    250
    Know this is old, but, Been going through this myself for 1 month. After I completely delete the domain and install everything from fantastico and use default theme. Bam, My header.php gets eval code and my .htc access gets changed. over and over. So frustrating. It actually changes header.php for EACH theme I have installed.
     
    Last edited: Jul 11, 2012