Changes made in the Wordpress back-end isn't being reflected

Question

I installed some plugins from my Wordpress back-end. In-spite of making changes in the back-end, I do not see any reflection of the changes neither in the front page, nor in the plugins section. I also can't add new plugins anymore. I get the following error message when I try to:

An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.

After searching in Google, I went to the cPanel > Health checks and Monitoring > Port80. The page shows a lot of files that are blocked. Here's a screenshot of the blocked files:

Even after clicking on the Unblock Port button on this page and waiting for 24 hours, the files are being shown there.

When I do the modifications in the back-end, should I restart the server first? I can't restart the server as I am only having Cpanel and Wordpress backend accounts, and not the WHM account.

Can someone help me to fix the problem?

Answer 1

Looks like you installed a plugin which had malware. These plugins typically modify the wordpress installs and place backdoors in the core wp files, as well as in the existing plugin and theme files.

My advice would be that take backup of your current installation (not in the server, but locally) and then do a clean installation. Then migrate the db and then try cleaning up (run them through an AntiVirus program. Open the files up individually and look for suspicious code that should not be there) the plugins and themes separately before putting them in your new installation. Also, try to discard any plugin and theme you weren't actually using.

For better security, only install themes and plugins from trusted sources (e.g. Wordpress theme & plugin directories and a few good marketplaces like theme forest and so on).

Last but not the least, stop using nulled themes and plugins as they invariably contain code that places backdoors in your Wordpress installations.