I investigated further, and found that one of the quarantined files had not been fixed, it still had a big chunk of heavily obfuscated code in it. I assumed it was malware and removed it, it seems to have fixed the problem. Now checking other quarantined files.
I still am not sure how the plugin reports that the site did not break, when in fact the homepage returned an internal server error.
After the fix it loads the wp-admin in that framed window, if the wp-admin loads tht means the WordPress bootstrap was not broken. Theme files are often infected and con sometime be broken when they are hacked (if the hack was done poorly), or when the hack is removed (if the removal was not complete and thorough).
Can you send me the threat that you had to remove yourself? If my plugin could have removed that whole threat when you ran the fix then this would not have happened.
Viewing 3 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic.
Comments are closed.
Get instant updates to new definitions files as new threats are discovered.
*All fields are required and I will NOT share your information with anyone.