I have received a messege from my web host saying malicious activity has been detected on our wordpress website. Please see email received below:
"Unfortunately, malicious activity has been detected on your account. Such activity can harm the site's visitors, as well as its reputation on search engines and the reputation of the server with email providers. As such, this is seen a breach of our acceptable usage policy and has left us with no choice but to temporarily disable part or all of the account.
Although it is an undesirable outcome, disabling the account is the best way for us to limit the harm malicious content or activity can cause to the website, its visitors and other customers until the cause of the issue has been identified and resolved
How has this happened?
Often this is caused by a vulnerability somewhere in your website's code which has allowed an attacker to inject malicious scripts into your website. Normally this is possible via exploitable vulnerabilities in out-of-date software in your site's application such as plugins or themes which you have installed. It is also possible due to poor security practices in custom-written website code, or insecure passwords for your email, ftp or hosting accounts or the website's admin areas.
What to do next
When a website is compromised in this way, additional 'backdoors' could be injected and hidden amongst the site's normal code to allow an attacker to compromise it again in the future. It is therefore important that every trace of malicious code is identified and removed before the site can be brought back online.
Cleaning up compromised websites is unfortunately not a service we are able to provide, so if you are unsure of how to proceed with doing so we would recommend you contact a specialist web developer for advice and assistance.
We are able to allow restricted access to the site for you or your developers if this is something that you require. When you are certain the website is rid of any malicious code or content, please contact us and ask for the site to be reviewed. It would help for you to demonstrate steps which have been taken to secure the website and your account.
If we believe the site is clean and no longer poses a risk, we will make it publicly accessible again"
I have installed a couple off plugins "Wordfence" & "Quttera" and the scan reports show a change in the DNS IP and the new IP is located in Russia, this may be 1 of the problems but to be honest this is beyond my knowledge so I need an expert to find and remove any malicious code, content etc... Wordfence scan gave 8 warnings, 2 of which where malicious & 6 where suspicious.
It must be completely fixed so my Web Host is happy and removes the lock on our account. The site must then be checked that everything is working as it should i.e the contact forms etc... Any new security measures to prevent this from happening in the future would be welcomed also. We get spam through our contact forms also so finding a fix for this would be great too.
26 freelanceria on tarjonnut keskimäärin %project_bid_stats_avg_sub_26% %project_currencyDetails_sign_sub_27% tähän työhön
I can remove the malware and hardening the site for you. I am a skilled wordpress admin with over 10 years experience. let discuss more via private message.
Hello How are you My name is Xu I can fix ut in 2 hourt i have full time and I can start to work immediately Please contact me and do let us discuss about your project Thanks for your posting
Hey I get this issue and have assisted many clients in cleaning their site from malicious files and willing to assist you as well so feel free to contact
Dear, As I see you use Tsohost, it's a classic message, what you can do is analyze the site and update it. Contact me, we can solve it in 1 day. regards
Hi, I have "deloused" other wordpress sites, and can help restore your site today. Do you have a backup of it already, or do you need to fix the existing code ? I can help