Hi,
Thank you for the great plugin.
I installed it on a clean account and created a folder and moved infected files from other hacked account. (I couldn’t install GOTMLS on hacked website).
It found over 2000 infected files and htaccess malware and cleaned all of them.
Today All htaccess and other infected files returned and my clean website admin panel is not reachable now. (Now I have 2 infected websites)
should I install Brute-force Protection Patch and block XMLRCP access before?
would you please help me how can I get reed of this fu.. virus?
If you copied infected files from one website into the directory structure to another site then you may have copied the source of the infection, or the back-door/vulnerability that caused the infection, onto this new site.
There is no Software/Firewall that can protect your website from an infection that is placed there by a system admin.
To help you sort out this issue and find the active cause of this infection I would need to see the files on the infected site(s). Can you send me a link to the websites that are currently not working and maybe include the error_log files from the server?
You can email me directly with any private or otherwise sensitive data: eli AT gotmls DOT net
