lockout after malware

Esse Pessie
(@estherspee)

4 years, 6 months ago

Recently my site had been infected by malware. After removing it I noticed that the wpconfig file was referring to another database. I fixed that, can login but after that I keep getting “acces denied”. I don’t know how to fix this. Now I notice that there are 3 htaccess files! Is that normal? 1 is .htaccess.171212201410.orig, 2 is .htaccess-210826032704-61270a082ecbc-duplicator.bak, .htaccess . Could that have something to do with it?
Or has anybody have any idea what to do?

plugin folder name changing hasn’t helped.

Thanks!

Viewing 7 replies - 1 through 7 (of 7 total)

yogeshyadav20
(@yogeshyadav20)

4 years, 6 months ago

Hi @estherspee

If you are able to login and can access wp-admin/options-permalink.php then, delete your all .htaccess file and regenerate this by saving permalink.

Thread Starter Esse Pessie
(@estherspee)

4 years, 6 months ago

Thanks for your answer. I can login, but can’t access anything. All I get is:
Forbidden
You don’t have permission to access this resource.

Do you perhaps have another tip?

Kuldeep
(@soberbanda)

4 years, 6 months ago

@estherspee Check your website for malware here: https://sitecheck.sucuri.net/

You would need to contact a professional service to remove it for you; for eg. sucuri or Wordfence.

I would suggest backing up and migrating to a fresh install. It would a great hassle to bring it back to working state all by yourself 🙂

Thread Starter Esse Pessie
(@estherspee)

4 years, 6 months ago

thanks. Checked it and:
Malware detected by scan (Critical Risk)
Injected spam detected (Critical Risk)

In order to reinstall and backup, I should get the mallware removed first right?

Kuldeep
(@soberbanda)

4 years, 6 months ago

@estherspee Just take out wp-contents and wp-config.php. Extract database and create a fresh install. More on this: https://kinsta.com/blog/migrate-wordpress-site/

See if it works. Else you would need to contact a professional.

Your Welcome 🙂

Thread Starter Esse Pessie
(@estherspee)

4 years, 6 months ago

Just to be sure, If you migrate via FTP, I won’t take the malware with me?

Kuldeep
(@soberbanda)

4 years, 6 months ago

@estherspee That would depend on how much the malware has infected your installation. Its a hit and miss. I would recommend first try and clear up as much as you can. Then go with migration as a last resort. Nothing can be guaranteed. If you can go for a paid service, that is the best way to follow.

Hope that helps 🙂

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘lockout after malware’ is closed to new replies.

lockout after malware

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics