Change all passwords and do a search through your theme for any malicious code, usually some form of base64. If a bunch of pages are infected, sometimes it’s best to simply roll the site back to a previous version (shouldn’t effect the database).
The malicious code was placed in every index.php file on my site.
Placed in, but that’s not where it came from. I hope you take note of what @TheDoc said: you need to change passwords (site, database, web host), check for unknown users or users who are admins but shouldn’t be, check your entire web hosting space for files that shouldn’t be there.
In general, trying to “fix” things after an attack is the wrong approach. Your very best option is to delete everything (even if you think it’s “okay”) and then re-install + restore from a backup that you know is good.
If you haven’t made preparations for this sort of thing, you can be ready next time: keep a clean backup of all your code, backup your database and resources (css, js files, images, etc.) regularly. Keep your backups on a different computer than your live site.
Viewing 6 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic.
*May or may not contain any actual "CSS" or "Tricks".