I would need assistance on how to solve the problem with my site. I believe it has been injected with a virus. At first, i couldn't get on to the admin section because it was redirecting to another domain and it would just freeze up. Thereafter, a virus showed up on my PC. The virus is somewhat not harmful as it only try to force you to buy a fake security software( Anti-virus pro2010) After fighting with it, i was able to remove it from my PC. But on each occasion i tried to accessmy admin, my PC got infected. Then today, the virus as taken over the main blog and it is also trying to redirect. I would have posted my blog url here but i don't ant you guys to be infected. Here are the sites that the blog is redirecting to: myndomain.info and panelsrv.info. Any help or advise on how to get this virus removed from my site would be greatly appreciated.
Maybe change the root Cpanel or password protect directory using your Cpanel for the webhosting. Also make a custom IP ban for people guessing your Control panel on wordpress. Hope that helps.
Not much to do you know... Just password protect the directory and they carnt brute force it... If they do the hoster will find out easily. Maybe try password protect MYSQL or Database? Dont use the ovious passwords. Lastly when you make a backup dont save it into your webhost directory because it can be easily obtained by hackers. Once they get hold of the backup they can easily crack the hash which is not the way you want to go.
hmmm, if you say so. I say 99% that there's an injection on the majority of the pages since it's a recurring issue. I'm not going to argue about, just speaking from way too much experience.
Maybe the best thing you can do is reinstall everything again, or if you have a backup, only restore and change all passwords
I agree. Hopefully the backups is not infected. If you end up not having a clean backup, reinstall, create a clean backup, save it on your media of choice, then create sql backups daily.
Still find the exploit which caused the hackage. I have a friend who had a full backup and he restored it and got hacked in 2 days time... Best to find what caused it.
I'm not going to say what usually causes it because each case is different, but I will tell you to begin on your local pc.
Does your wordpress have capta enabled? Theres an private exploit which involves Dos which takes down or hijacks the site. Try enabling Captcha for double protection.
Ooooh, what fun! PHP Injection. Don't you just love it? Sounds like you didn't upgrade your Wordpress stuff when they told you to and someone found you and played a little with your code. Always do the upgrades when they tell you. There are people out there who live for this stuff. Funny though, I can't seem to get anyone to hack our piracy protection software we developed, but that is another story for another day. Injections are messy. Sometimes you luck out and if you did a backup... Whoops! Most people don't though. Good habit to get into. If you had a backup you could reload your site and do the upgrades and you would be set.