cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution
Highlighted

Web Hosting hacked Every index dot php has malicious redirect after every php

How can this happen, every index dot php in multiple sites has malicious redirect after every php tag - Redirect to Traffsend dot me

Did they hack my Godaddy login or is there some other vulnerability I need to close?

Mix of Wordpress, Opencart and Joomla all with same hack.

PHP 7.4

Thanks

Pete

 

2 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
Super User III
Super User III
Solution

Re: Web Hosting hacked Every index dot php has malicious redirect after every php

@peter_grout 

 

My first thing that I would say is to reset your GoDaddy password just for good measure.

 

That being said, if you have not been updating your plugins / themes for WordPress or you haven't updated the others it's possible any of them could be the source the exploit.

 

I am assuming you are hosting these sites on a cPanel server. This is the downside to hosting multiple sites on the same cPanel account - as once someone has access to the account - they can get to ALL the sites you have in that account.

 

Once you get the sites cleaned up, I suggest you may want to purchase multiple cPanel accounts or you could purchase a single VPS server and setup your own cPanel accounts which would accomplish the same thing. You just need to understand a bit more server management with the VPS

I am a GoDaddy End User - Just Like You
Check out my site! | I currently manage over 300 WordPress Websites
* Please note that I offer free advice on this forum. Thank You Info If you would like personalized help, please contact me. Otherwise, please ask your question in the proper forum so the answer can assist EVERYONE in the community and not just you. Thanks! *

Once your issue is resolved,
please be sure to come back and click accept for the solution

Get Better Support on the Community Boards!
Etiquette When Asking for Help from the Community

View solution in original post

Highlighted
Solution

Re: Web Hosting hacked Every index dot php has malicious redirect after every php

Thanks to author theandystratton I modified the script:

findhackedfiles.php 

fixfiles.php 

 

 

View solution in original post

2 REPLIES 2
Highlighted
Super User III
Super User III
Solution

Re: Web Hosting hacked Every index dot php has malicious redirect after every php

@peter_grout 

 

My first thing that I would say is to reset your GoDaddy password just for good measure.

 

That being said, if you have not been updating your plugins / themes for WordPress or you haven't updated the others it's possible any of them could be the source the exploit.

 

I am assuming you are hosting these sites on a cPanel server. This is the downside to hosting multiple sites on the same cPanel account - as once someone has access to the account - they can get to ALL the sites you have in that account.

 

Once you get the sites cleaned up, I suggest you may want to purchase multiple cPanel accounts or you could purchase a single VPS server and setup your own cPanel accounts which would accomplish the same thing. You just need to understand a bit more server management with the VPS

I am a GoDaddy End User - Just Like You
Check out my site! | I currently manage over 300 WordPress Websites
* Please note that I offer free advice on this forum. Thank You Info If you would like personalized help, please contact me. Otherwise, please ask your question in the proper forum so the answer can assist EVERYONE in the community and not just you. Thanks! *

Once your issue is resolved,
please be sure to come back and click accept for the solution

Get Better Support on the Community Boards!
Etiquette When Asking for Help from the Community

View solution in original post

Highlighted
Solution

Re: Web Hosting hacked Every index dot php has malicious redirect after every php

Thanks to author theandystratton I modified the script:

findhackedfiles.php 

fixfiles.php 

 

 

View solution in original post