WordPress 4.7.1 – Upgrade Mandatory!!!
we are receiving more and more emails from you regarding websites which have been infected. As far as we know, it is a global issue which also affects other hosts. The issue only concerns these websites which have not yet upgraded their WordPress scripts to version 4.7.1. This means that all WordPress scripts older than this version are vulnerable to hacking.
We do kindly ask you to upgrade all your WordPress scripts at your accounts. If your website has already been infected, please follow the steps below or simply contact us. To check whether your website has been infected or not, go to Google and type your url. If you see Japanese signs instead of a website description, this means that your website has been infected.
How to remove a virus from your website?
1. Download the latest version of WordPress > https://wordpress.org/latest.zip and unzip it at your computer.
2. Remove “wp-admin” and “wp-includes” directories from your FTP account.
3. Upload all files from the WordPress script downloaded (refer to step 1) and overwrite all files, if necessary.
4. Remove the “sitemap.xml” file from the “public_html” directory and a Google verification file (e.g. google485732784375843534.html).
5. Remove a directory marked by the series of signs (e.g. 520dce8b905e) from your “wp-content/plugins” directory.
6. Edit the “.htaccess” file (you can find it in “public_html”) and remove all information from it. Afterwards, paste the code available at this website: https://codex.wordpress.org/htaccess (basic WP).
7. Log into your WordPress and change passwords for all administrators.
8. Install the following plugins: Anti-Malware Security and Brute-Force Firewall. Scan your “wp-content” directory. The plugin should detect all infected functions.php file for each theme. Clean the files with the plugin.
9. Log into Google Webmasters > Users and service owners and remove the email address which does not belong to you (e.g. firstname.lastname@example.org). To do that, go to Manage service owners > Cancel verification.
10. Remove sitemap added by a virus (go to Indexing > Sites Map).
11. Generate a new sitemap (e.g. you can do that at https://www.xml-sitemaps.com) and add it to Google Webmasters. To fasten the indexation in Google, download it as Google (section: Indexing).
If you come across any difficulties with upgrading your WordPress scripts or you noticed suspicious files, simply e-mail us. Thank you.