What to do if the website is under attacked?
If you are facing any issues from the below list, on your WordPress website then your website might be under attack with some virus or malware code and you need the immediate attention of the developer for your potential website.
1. Unable to delete index.php and .htaccess files. It creates automatically again if I delete this file.
There could be several reasons why you are unable to delete the index.php file like the file is in use, Permission issues, the file is read-only, the file is locked by another process, the file is in a protected folder, A virus or malware is preventing you from deleting the files. Some viruses or malware are designed to prevent the deletion of certain files, so it’s possible that a virus may be preventing you from deleting the index.php file.
Solution:
If your index.php or .htaccess is keep creating automatically even if you have manually tried to delete it multiple times, that means the virus has executed one code file in a hidden format which will keep executing itself on every action, Yes it means whatever you will do in the server it will execute and create that file again. If you like to find what is this hidden file name then you might be going to see it inside the server log file sometimes it looks like this /public_folder/css/style.php or script.php etc, you first need to find and delete this file and if you aren’t able to find this hidden file then in either condition you will need to restart your server which will stop the execution of the PHP and then you can easily delete the index.php and .htaccess file. To do this action, you will need the help of a server company if you are having shared hosting account, whereas this can be easily done by yourself if you acquire a VPS hosting plan, here are some of the links where you can see how you can restart the server for some of the trendy servers in the market.
- Godaddy: https://in.godaddy.com/help/restart-my-gen-3-server-19089
- Bluehost: https://www.bluehost.com/hosting/help/dedi-vps-restart
- Bigrock: https://support.bigrock.com/index.php?/Knowledgebase/Article/View/929/13/rebooting-your-vps-or-dedicated-server)
- Hostgator: https://www.hostgator.com/help/article/how-to-reboot-your-vpsdedicated-server
If you still need help please click here to contact us and we will make sure you will get virus free website.
2. The website is redirecting to some random/adult/games/shopping website.
If your website is redirecting to another website because it has been infected with malware. Typically this happens when a malicious individual gains access to your website through a vulnerable plugin or theme. In some situations, the issue could be caused by a new file that was added to the root folder.
A phishing scam may be attempting to redirect visitors to a fake website in order to steal personal information.
Some malicious ads or third-party scripts like analytics or social media widgets can also cause redirects. Make sure to check all the third-party scripts and ads on your website.
Solution:
Update WordPress to the latest version.
Update all of your WordPress plugins to the latest version.
Change your WordPress login credentials (username and password) so that anyone who may have gained those credentials can no longer log in.
Change your FTP credentials for the same reason – so no one can directly access and edit files in your home directory.
Add a plugin to change the WordPress default login URL which is site.com/wp-admin
Mostly this code stays inside the JS file so mainly you need to open each JS file, identify the redirecting code, and delete it from that file to stop the redirection.
Consider switching to a hosting solution that includes third-party support. All of the hosting plans that we offer here at Sharp Innovations include malware scanning and fixing.
You can also use the below plugins to change WP-admin on your site.
- WPS Hide Login
It is a very light plugin that lets you easily and safely change the URL of the login form page to anything you want. It doesn’t literally rename or change files in core, nor does it add rewrite rules. It simply intercepts page requests and works on any WordPress website. - Limit Login Attempts Reloaded
Limit Login Attempts Reloaded stops brute force attacks and optimizes your site performance by limiting the number of login attempts that are possible through the normal login as well as XMLRPC, Woocommerce, and custom login pages. - Custom Login Customizer
This plugin allows you to customize the login page, including the logo, background, and form design. - Adminimize
This plugin allows you to hide unnecessary items from the admin menu and dashboard, and restrict access to certain areas of the wp-admin for different user roles. - White Label CMS
This plugin allows you to customize the branding of the wp-admin, including the logo, colors, and text. - Admin Menu Editor
This plugin allows you to customize the structure of the admin menu, reorder items and create new menus. - WP Admin UI Customize
This plugin allows you to customize the layout and design of the wp-admin, including the colors, fonts, and icons.
If you still need help please click here to contact us and we will make sure you will get virus free website.
3. My WordPress website is showing Chinese characters on all pages
Your website may have been hacked and the attacker may have inserted Chinese characters into the website’s code. You should run a malware scan and check for any unauthorized changes to the website’s code.
The problem may be caused by a third-party plugin or extension that you have installed on your website. Uninstall the plugin or extension and check if the issue is resolved.
Corrupted files can cause the website to display Chinese characters. Make sure to back up your files and try to replace the corrupted files with fresh copies from a backup.
Solution:
You should run a malware scan and check for any unauthorized changes to the website’s code.
Make sure the encoding is set correctly in the website’s code or configuration file.
Uninstall the plugin or extension and check if the issue is resolved.
Make sure to back up your files and try to replace the corrupted files with fresh copies from a backup.
If you still need help please click here to contact us and we will make sure you will get virus free website.
4. Can not see wp-admin anymore?
Your website may have been hacked and the attacker may have blocked access to the wp-admin area. You’ve made too many login attempts and are locked out of your site, You’ve changed your login URL and now can’t remember your custom login URL, A plugin and theme may be causing a conflict, A problem with the .htaccess file can cause various issues.
Solution:
Double-check that you are using the correct username and password.
Try renaming or deleting the .htaccess file and see if it resolves the issue.
You can check and fix the file permission using an FTP client or using the command line if your hosting provider gives you access.
If you are unable to fix the problem by yourself, it’s best to consult with a professional or a web developer that can help you to determine the exact cause of the problem and find a solution.
If you still need help please click here to contact us and we will make sure you will get virus free website.
5. Website sees some strange login panel.
Malware can also cause such issues, it may have infiltrated your computer and infected your website files. A phishing scam may be attempting to redirect visitors to a fake login panel in order to steal personal information.
There could be several reasons why your website is displaying a strange login panel, including Your website may have been hacked, the attacker may have added a login panel to the site in order to steal user credentials, A hacker may have injected malicious code into your website, third-party scripts on your website, A malware can also cause such issue, it may have infiltrated your computer and infected your website files.
Solution:
If your website has been hacked or compromised, it’s important to take action immediately to protect your site and your visitors. This may include restoring your website from a clean backup, changing all your passwords, and reviewing your website security. It’s also important to keep your software, themes, and plugins up to date to avoid known vulnerabilities. If you are unable to fix the problem by yourself, it’s best to consult with a professional or a web developer that can help you to determine the exact cause of the problem and find a solution.
If you still need help please click here to contact us and we will make sure you will get virus free website.
6. Seeing some long scripts in JS files.
Your website may have been hacked, and the attacker may have added long scripts to the JavaScript files in order to execute malicious actions.
A hacker may have injected malicious code into your website, which is causing the long scripts to appear in the JavaScript files. This can happen through a vulnerability in a plugin or theme or an insecure file upload form.
Some third-party scripts like analytics or social media widgets can also add long scripts in your JS files. Make sure to check all the third-party scripts on your website.
Malware can also cause such issues, it may have infiltrated your computer and infected your website files.
Solution:
Make sure to check all the third-party scripts on your website.
If you are unable to fix the problem by yourself, it’s best to consult with a professional or a web developer that can help you to determine the exact cause of the problem and find a solution.
If you still need help please click here to contact us and we will make sure you will get virus free website.
7. Website is showing some unwanted advertising popups or block
The website may have been hacked, and the attacker may have added unwanted pop-ups or blocks to the website in order to generate revenue through advertising.
A hacker may have injected malicious code into your website, which is causing unwanted pop-ups or blocks to appear. This can happen through a vulnerability in a plugin or theme or an insecure file upload form.
Some third-party scripts like analytics or social media widgets can also add unwanted pop-ups or blocks. Make sure to check all the third-party scripts on your website.
Malware can also cause such issues, it may have infiltrated your computer and infected your website files.
If you are using third-party ads on your website, some of them may not be secured and may be injecting unwanted pop-ups or blocks.
Some browser extensions could be injecting unwanted pop-ups or blocks, check if you have any unwanted extensions installed in your browser.
Solution:
Check if you have any unwanted extensions installed in your browser.
Make sure to check all the third-party scripts on your website.
This can happen through a vulnerability in a plugin or theme or an insecure file upload form.
If you still need help please click here to contact us and we will make sure you will get virus free website.
8. Website is showing red security warning on the browser
A website may display a red security warning on a browser if the website’s SSL (Secure Sockets Layer) certificate is not valid or has expired. The SSL certificate is used to establish a secure connection between the website and the user’s browser, and without a valid certificate, sensitive information such as login credentials and credit card information may be vulnerable to interception by malicious actors.
It can also be caused by some misconfiguration on the server or website.
Solution:
You should check the SSL certificate of your website and make sure it is valid and up-to-date. If the problem persists, you may need to contact your hosting provider or a website developer for assistance.
If you still need help please click here to contact us and we will make sure you will get virus free website.
9. Unusual behavior in the front end of the website:
A website may be under attack when it experiences unexpected behavior such as redirections, pop-ups, or unexpected changes in the layout.
Solution:
If you suspect your website is under attack, it’s important to take action immediately to protect your site and your visitors. This may include blocking the IP addresses that are causing the attack, implementing security measures such as firewalls and intrusion detection systems, and contacting your hosting provider for assistance.
If you still need help please click here to contact us and we will make sure you will get virus free website.
There are many plugins available for enhancing the security of a WordPress website. Some popular options include
- Wordfence Security:
This plugin includes a firewall, malware scanning, and blocking features to help protect your site from hacking attempts and other security threats. - iThemes Security
This plugin offers a variety of security features, including two-factor authentication, password expiration, and malware scanning. - All In One WP Security and Firewall
This plugin provides a range of security features, including a firewall, user account security, and file integrity monitoring. - Sucuri SecurityThis plugin offers a variety of security features, including malware scanning, security notifications, and a firewall
- Jetpack SecurityThis plugin includes a variety of security features, such as brute force attack protection, two-factor authentication, and DDoS protection.
If you still need help please click here to contact us and we will make sure you will get virus free website.