Fighting malicious Php insertion

Anybody familiar with any of this? Wordfence claims to block these attacks, but my index.php and settings.php files are being changed, and then my url is sending traffic to various phishing schemes.

​

https://preview.redd.it/bjn9pibr7gp91.png?width=1998&format=png&auto=webp&s=650be23bab58d376fbbba0bfa81b0ce8a5fc9873

3 Comments
  1. hack mode:

    – take a full database and site files/folders backup

    – change all passwords (database, cPanel, WordPress)

    – change the salt keys in wp-config.php to log out all users.

    – delete and replace all WordPress files (except wp-config.php) and folders (except /wp-content/) with fresh versions wordpress.org

    – delete and replace all plugin and theme files and folders with fresh versions from [wordpress.org](https://wordpress.org)

    – check the timestamps of files in /wp-content/ for anything recent and with a suspicious name

    – install and scan site with [GOTMLS](https://wordpress.org/plugins/gotmls/) and Wordfence plugins

 

This site will teach you how to build a WordPress website for beginners. We will cover everything from installing WordPress to adding pages, posts, and images to your site. You will learn how to customize your site with themes and plugins, as well as how to market your site online.

Your Advertisement Here