I messaged my hosting provider and they said that my website was probably infected. I ran a scan through Wordfence and around 15 problems with a few critical problems arised.
I solved most of them, but I don’t know what this error means:
I deleted this problem in the config file, the website still worked after it. But I don’t want to delete it permantly if I don’t know for sure what this is.
* **Filename:** /var/www/vhosts/mydomain.com/httpdocs/wp-config.php
* **File type:** WordPress configuration file
* **Details:** This file appears to have been installed or modified by a hacker to perform malicious activities. If you know this file, you can choose to ignore it to exclude it from future scans. The matching text in this file is: **<?php** **\\x0a** **/\*a4d5e\*/** **\\x0a** **\\x0a** u/ **include (“/var/www/vhosts/mydomain.com/httpdocs/wp-content/plugins/portfolio-elementor/. b35564fe.mo”);** **\\x0a** **\\x0a** **/\*a4d5e\*/** **\\x0a** **/\*\*** **\\x0a** **\* The base configuration for WordPress** **\\x0a** **\*** **\\x0a** **\* The wp-config.php…**
Problemtype: **IOC:PHP/wordpress.infected.8848**
Description: **Alterations to WordPress files or plugins, often resembling malware, may indicate site is compromised or has been compromised in the past**
Does anybody know what this is? And should I delete this code in the config file?
[ad_2]
**This is malicious code** and **your site got infected**. You **should not** delete this code in the config file but instead go to the wordpress.org repository and download version of the wordpress installation that is same as the one that you have on your live site, unpack it and replace all your core files including the config file. Make sure that you’ve entered live database parameters in the new file that you are uploading. Also make a full backup before doing any of this, just in case.