Only a few days ago, we were approached by an owner of a small WooCommerce website; it seems like his WordPress website has been infected with malware. As a result, his homepage served pop-ups to the site visitors while his admin logins were compromised and changed. After being locked out from the WordPress Dashboard, the owner searched for a WordPress malware cleanup service, and we were more than happy to take the chance and remove malware from another WordPress site. Below we will write … [Read more...] about Malware Cleanup of Small WooCommerce Website
Security
The free.xjs.lol Spam Injection WordPress Malware Cleanup
A few days ago, we received a hack removal request for a WordPress website using both Malcare and WordFence; it kept getting hacked and injected with Japanese spam malware repeatedly. The site owner told us that he found two scripts injected into his WordPress site; the first one was located under the site's root directory with the name sw.js, while the other was sitting under wp-includes/js directory with the name font.js. The owner also mentioned that they suspect there is a backdoor which … [Read more...] about The free.xjs.lol Spam Injection WordPress Malware Cleanup
June WordPress Security Updates and News-Volume 1
The first half of June was a period of time with a great number of WordPress security incidents. Over 40 Plugin Vulnerabilities were detected affecting more than 7 million websites. This is indeed a number that can not be ignored. So let us take a closer look at some of those vulnerabilities. WordPress Plugin Vulnerabilities Jetpack. With over 5 million installations this Plugin was affected by a Carousel Non-Published Page/Post Attachment Comment Leak. A patch is released in … [Read more...] about June WordPress Security Updates and News-Volume 1
May WordPress Security Updates and News-Volume 2
Every month is full of interesting and useful WordPress News and Updates; the second half of May was yet again a period filled with news. WordPress News and Updates Happy 18th Birthday WordPress! On the 27th of May, WordPress celebrated its 18th Birthday! And what a magnificent milestone this has been... Since its last birthday, the 40th release has been rolled out and WordPress now is powering over 40% of the web. WordPress Plugin Vulnerabilities During the last half of May, … [Read more...] about May WordPress Security Updates and News-Volume 2
How to trace and clean the monit.php hack
UPDATED: 14th July 2020 Let's start this tutorial with a tip, if you want to know your site has been infected by the monit.php hack add your site URL before this snippet and browse it: /wp-admin/options-general.php?page=monit If you see a page opening with settings and text strings then you're most probably hacked, if not you're probably safe. In both cases I suggest to follow the cleanup guide for the ofgogoatan.com redirect hack. Monit.php flagged as malware A few days ago we … [Read more...] about How to trace and clean the monit.php hack