[ad_1]
Anyone else ever encounter this plugin/hack?
Trying to narrow down how it got into the site and how to prevent it from happening again.
[ad_2]Anyone else ever encounter this plugin/hack?
Trying to narrow down how it got into the site and how to prevent it from happening again.
[ad_2]
>*Trying to narrow down how it got into the site and how to prevent it from happening again.*
The type of hack is kind of irrelevant. Without knowing anything about your site, [99% of the time](https://patchstack.com/whitepaper/the-state-of-wordpress-security-in-2021/), malware enters a site via a plugin (or less often, the theme) that contains a vulnerability, either due to it:
* being old/abandoned
* not being updated regularly/quickly enough
* was nulled
Go through your plugins and themes and check their changelogs. Ensure you are up to date with all themes/plugins. Anything that hasn’t received an update in 12 months or more should be replace (I use 9 months).
Same extension installed on my website today.
In the same time my website have been hacked (redirection)
I’ve a wp-blog-header.php and a .css file wierd to
If someone as other information.
Started happening to some of my sites two days ago. Infected files are /wp-blog-header and a plugin folder called wp-cleansong. Two users with administrator roles were added. I saw on a facebook post that it was due to Lite Speed Cache version <= 5.3. My sites had that plugin installed and outdated. I updated everything. Installed wordfence and got rid of infected files. Not sure if that’s it. I’ll report further developments.