Clean/Remove WordPress Malware

If you were redirected to a page you didn’t mean to visit while adding a post or changing some plugins in your WordPress installation, don’t panic: there is a fix.

A malware attack can occur if you download and install a theme from a shady website or from one of the million free WordPress Theme sites.

Here’s how to fix the problem.

You’ll need FTP access to your website. If you don’t know what this is, please contact your Website Administrator. You’ll need to check your .htaccess file, usually located at the root of your WordPress directory. Look for the directory that has the wp-admin, wp-content, and wp-includes folders.

Once you locate the .htaccess file, delete the line(s) that have a RewriteRule to a site not your own or to a search engine like Google or Bing. The line you should look for is the RewriteRule at the end of the example below.


AddHandler application/x-httpd-php .html .htm .asp .aspx .shtml .shtm

RewriteEngine On
RewriteOptions inherit
RewriteCond %{HTTP_REFERER} .*google.*/images.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*live.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*mail.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*new.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*bing.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC]
RewriteRule .* http://pills.ind.in/in.cgi?4&parameter=0510 [R,L]

Save the file and upload it back to your root directory. Try refreshing the page and saving the post.

You shouldn’t have any more problems. If you do, feel free to drop me a line, and I’ll assist in any way I can.
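An added example, not part of the original post: a Python check that lists the RewriteRule lines in an .htaccess file that redirect to a host other than your own, together with the RewriteCond lines that gate each one. The function name, the sample file contents and the example.com hostnames are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: part of the injected block shown on this page, followed
# by the stock WordPress rules and a same-site redirect (example.com assumed).
SAMPLE_HTACCESS = """\
RewriteEngine On
RewriteCond %{HTTP_REFERER} .*google.*/images.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*bing.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC]
RewriteRule .* http://pills.ind.in/in.cgi?4&parameter=0510 [R,L]

# BEGIN WordPress
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
RewriteRule ^old-page$ https://www.example.com/new-page [R=301,L]
"""

RULE = re.compile(r"^\s*RewriteRule\s+(\S+)\s+(\S+)", re.IGNORECASE)
COND = re.compile(r"^\s*RewriteCond\s+(\S+)", re.IGNORECASE)

def find_external_redirects(text, own_hosts):
    """Return one finding per RewriteRule whose target is an absolute URL
    on a host outside own_hosts, with the RewriteCond lines that gate it."""
    own = {h.lower() for h in own_hosts}
    findings, pending = [], []          # pending: conds awaiting their rule
    for lineno, line in enumerate(text.splitlines(), 1):
        if COND.match(line):
            pending.append((lineno, line.strip()))
            continue
        rule = RULE.match(line)
        if not rule:
            continue                    # comments, blanks, other directives
        conds, pending = pending, []    # conditions apply to this rule only
        host = (urlsplit(rule.group(2)).hostname or "").lower()
        if host and host not in own:
            findings.append({
                "rule_line": lineno,
                "host": host,
                "cond_lines": [n for n, _ in conds],
                "referer_gated": any("HTTP_REFERER" in c.upper() for _, c in conds),
            })
    return findings

if __name__ == "__main__":
    for f in find_external_redirects(SAMPLE_HTACCESS, {"example.com", "www.example.com"}):
        print(f)
```

In mod_rewrite a RewriteCond applies only to the RewriteRule that follows it, which is why the reported cond_lines belong to the same block as the flagged rule.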