My wordpress site keeps having malware every day even though I remove some of the suspicious and weird characters file from ftp cpanel.
I even did a clean wordpress installation(except wp-contents and config.php) but malware keeps on coming. Checked each and every files of wp-contents and removed every weird or strange filename as well as htaccess which was attacked.
But it keeps on coming everyday.
Below is the screenshot of my htaccess and about.php which is infected. Also when you look at ftp cpanel, all the files are updated on 2023/06/15, which I havent made any changes, means each and every file is infected.
I ran various malware scanning tools like wordfence, but it didnt solve the problem.
Is there anyway to resolve and prevent this from happening?
[ad_2]
Delete everything, except /wp-content/uploads. Redownload your plugins & them from the source. Find alternatives for anything that hasn’t had an update in > 9 months. The malware is most likely coming from an old/abandoned/out of date plugin.