Reputation: 1
WordPress 2.9.2 Infected with SEO worm, blog.theyoungrens.com, I need some advice on getting it fixed
I have been trying to get rid of an infection in this (blog.theyoungrens.com) for a few weeks and am at my wits end, I have scoured the DB, and as many source files as possible, to no avail.
I have replaced the theme from fresh files, and the blog is fixed for a short amount of time, but inevitably gets re-infected. FTP passwords have all been changed and not stored, and I'm accessing the site from a non-infected computer.
I have found one or two blog articles about similar SEO worms, but none of them shed light on my specific situation.
Any advice for removing the worm will be GREATLY appreciated.
Upvotes: 0
Views: 290
Answers (2)
Reputation: 301
If the problem is that you are getting re-infect, you need to try securing your wrodprss after using the same steps you did above.
clean it and seal it :)
a good post with different easy to do stuff to secure wordpress - yet tricky is this http://migh.info/2010/05/securing-your-wordpress-blog/
hope that helps
Good luck securing your blog, hope last time u face this
Upvotes: 0
Reputation: 4146
Here's a list of steps I recommend for anyone facing an infected WP site:
- Back up your entire site (plug-ins, theme, database, uploads) to your local machine.
- Delete everything from the server -database, WordPress, all of it.
- Create a new, blank database
- Install a fresh copy of WordPress from wordpress.org
- Check your uploads folder to make sure there aren't any malicious files hiding there (make sure you recognize everything.
- Re-upload your uploads file.
- Re-install your plug-ins and theme from clean copies (straight from the WordPress repository works best). If they're no longer available, have a developer clean the PHP code before uploading from a back-up.
- Walk through the backup of your database to make sure there's no malicious code hiding there, then restore your database after it's clear.
The easiest thing to do is to hire a developer to manually clean your site. There might be a malicious file hiding in your wp-content folder, or there could be a bad entry in your database. Just updating WordPress or re-installing your theme won't fix those.
To find a developer, post a new job on jobs.wordpress.net. Be sure to describe your problem and offer examples of what kind of malicious SEO you're seeing. The more detailed you can be, the easier it will be to hunt down and kill the worm.
Upvotes: 1
Related Questions
- Wordpress Malware - How do I remove it?
- Wordpress website index.php is injected with malware and code regenerated once deleted and wp-admin is not access
- How does a virus infect my WordPress site?
- Wordpress website infected by virus; how to backup or recover?
- Malicious text appears in all pages and posts. How do I get rid of it?
- Malware/Adware on my wordpress blog--want to reinstall
- Wordpress site infected with malware
- The site ahead contains malware
- Google undetermined malware fix for WordPress
- Wordpress site is very slow after being attacked by malwares