Earlier this week, when I was working on the vSlider plugin’s new feature (secret but largely expected) which would be available with our developer version. VibeThemes.com got infected with malware, when a malware hits a site ( like VibeThemes, which is distributing downloads) then it has a very high probability of spreading malicious content (Trojans, Viruses and spyware) along with the downloadable content. I came to know about it from Google, when I searched VibeThemes on Google.com and
I encountered the following message:
In case you are facing a similar issue then here are quick steps which you should follow:
- Relax and calm down :), i know its hard but to avoid further mistakes its a per-requisite.
- Click on this link Click here and scan your website. This link would take you to a trusted malware checking site Sucuri which is even recommended by WordPress.org.
- Search for the malware term for information you obtain from sucuri.
- In my case malware was “This link@Sucuri” and I searched the internet and found a forum post from some nice guy to remove it.
- Contact your web-hosting company as well and ask them if they are aware of this, ask them to run an anti-virus scan and some good web hosts might even suggest which file was the root cause for the malware.
- If you are not able to remove the malware yourself, ask your web host to restore a previous dated backup to get over the issue.
What after somebody has managed to infect your site? If are really serious about the issue you should consider getting a permanent solution to these issues. Now, there are multiple options which can help you:
- Get your WordPress installation reviewed by an Expert: This is usually an expensive solution [ eg: Here] but is good enough to try.
- VaulPress: Perhaps one of the best solution available today. This plugin has been developed by Automatic themselves and guarantees support and backups in case the site gets infected.
- BackupBuddy: A very popular WordPress plugin which has recently crossed the 50k mark.
- Sucuri: My favorite and now VibeThemes is being monitored/scanned by Sucuri. I can now be sure of my site security, since it is being scanned many times a day.
- Create an Alert in Google alerts: View this post on how to use Google Alerts to protect your site.
After the malware has been removed from your site, make sure to submit your site with Google for a review.Follow this for detailed steps Google Request for malware review.This will remove your site from the list of blacklisted sites and your old site will be back again “up and running” :).
If you have used any of the options other than these for your WordPress Security, do tell us.
We are also in process of developing a plugin for the WordPress security, let us know the features which are important for you while selecting a security wordpress plugin.
What type of files should I be finding in the ‘cache’ folder? I have a feeling there are malware files in there, for example. timthumb_int_fc0af4d99dedbdd456ca2e106b38de49.timthumb.txt
This is a temporary file by timthumb.php, it is not a very secure script to be used in a WP setup. If the timthumb.php version is below 2.7 then it is a known vulnerability and your site can be hacked. The best place is to check this would be http://sitecheck.sucuri.net/scanner/