[ISSUE] Help, I can't access my WordPress Admin

danger

danger

Member
Jan 6, 2019
121
23
18
Belgique
Hello everyone, I can't access my WordPress admin anymore. When I go to /wp-admin or /wp-login.php, I am redirected to the home page of my site. I did a scan with sucuri and he tells me this: Known Spam detected: spam-seo?japanese.0

Can someone help me get my site back? Thank you in advance!
 
G

gg786

Active member
Jun 2, 2020
197
28
28
do you have access to cpanel ?

so you can edit the config .PHP according to your site name URLs and database name password etc.
 
SunnyDance

SunnyDance

Member
Aug 13, 2020
40
14
8
Go to Cpanel >>> wp-config.php >>> Change wp_debug=True.
Also check Your_Site_Folder>> error_log

Check the error messages. If possible paste the most recent eroor Log here
 
sandybandy

sandybandy

Well-known member
Trusted Uploader
Nov 19, 2019
317
627
93
4th Dimension
babiato.tech
SunnyDance said:
Go to Cpanel >>> wp-config.php >>> Change wp_debug=True.
Also check Your_Site_Folder>> error_log

Check the error messages. If possible paste the most recent eroor Log here
Click to expand...

Check your .htaccess file in root
also check all hidden files wp root
seems like you have used a malware plugin or theme
 
SunnyDance

SunnyDance

Member
Aug 13, 2020
40
14
8
Your_Site/wp-admin seems to be permanatly redirected by some spam code.

GET
scheme
https host
comineswarneton.com
filename /wp-admin/
Address 35.214.157.226:443
Status301 Moved Permanently

Thru - Cpanel
Check the Robots.txt and .htaccess files see if there are any changes.
 
danger

danger

Member
Jan 6, 2019
121
23
18
Belgique
SunnyDance said:
Go to Cpanel >>> wp-config.php >>> Change wp_debug=True.
Also check Your_Site_Folder>> error_log

Check the error messages. If possible paste the most recent eroor Log here
Click to expand...
I have this : [12-Jan-2021 08:42:49 UTC] PHP Notice: Undefined variable: url in /home/customer/www/comineswarneton.com/public_html/wp-includes/version.php on line 1
 
danger

danger

Member
Jan 6, 2019
121
23
18
Belgique
SunnyDance said:
Your_Site/wp-admin seems to be permanatly redirected by some spam code.

GET
scheme
https host
comineswarneton.com
filename /wp-admin/
Address 35.214.157.226:443
Status301 Moved Permanently

Thru - Cpanel
Check the Robots.txt and .htaccess files see if there are any changes.
Click to expand...
Here is my htaccess :
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteRule ^content-([^/]+) index.php?content=$1
RewriteRule ^sitemap-([^/]+).xml$ index.php?sitemap=$1 [L]
RewriteRule ^wp-phpinfo\.php$ wp-phpinfo.php [L]
RewriteRule ^wp-config-sample\.php$ wp-config-sample.php [L]
RewriteRule ^.*\.php\??.* index.php [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
 
SunnyDance

SunnyDance

Member
Aug 13, 2020
40
14
8
Check your wp-content/uploads directory for files with blacklisted extensions, like .php, .js and .ico. If you find such files, check the content for characters like base64_decode, rot13, eval, strrev, gzinflate, etc.
 
gireesh

gireesh

Active member
Banned User
Jul 26, 2020
135
62
28
  1. Simply go do
  2. ur cPanel
  3. go to WordPress Installation
  4. find your domain name from list
  5. click Login
Or You can

Locate the WordPress installation directory , rename the security plugin "_bkp"
 
danger

danger

Member
Jan 6, 2019
121
23
18
Belgique
Ok so I have made a scan, and this appear :

[STR]obfuscated_php_code_3 [12/01/21] /home/u421-8t56csj338ht/www/comineswarneton.com/public_html/index.php

[HEX]gen_php_obfusc3 [20/11/20] /home/u421-8t56csj338ht/www/comineswarneton.com/public_html/wp-config-sample.php

[STR]obfuscated_php_code_3 [20/11/20] /home/u421-8t56csj338ht/www/comineswarneton.com/public_html/wp-includes/index.txt

Can I delete all these files ?
 
sandybandy

sandybandy

Well-known member
Trusted Uploader
Nov 19, 2019
317
627
93
4th Dimension
babiato.tech
danger said:
Ok so I have made a scan, and this appear :

[STR]obfuscated_php_code_3 [12/01/21] /home/u421-8t56csj338ht/www/comineswarneton.com/public_html/index.php

[HEX]gen_php_obfusc3 [20/11/20] /home/u421-8t56csj338ht/www/comineswarneton.com/public_html/wp-config-sample.php

[STR]obfuscated_php_code_3 [20/11/20] /home/u421-8t56csj338ht/www/comineswarneton.com/public_html/wp-includes/index.txt

Can I delete all these files ?
Click to expand...

no, check the unknown codes inside these files which are forwarding especially javascript code and these codes are usually placed at the last.
 
You must log in or register to reply here.

Similar threads

orbitsolutions
Anyone can help me to solve the play store privacy policy issue !
Replies
1
Views
474
Website Support & Development
banaaf
banaaf
boifagusy
Please help this issue i just change the ip at cloudflare
Replies
6
Views
728
Website Support & Development
TheHitchh
TheHitchh
Meenakshi Sandle
Paypal Payment issue... Any one help
Replies
16
Views
1K
Website Support & Development
Meenakshi Sandle
Meenakshi Sandle
Y
Help for GigToDo issue
Replies
1
Views
653
Website Support & Development
funguy
funguy
modman9
Urgent HELP Needed! Wordpress Ultimate member plugin issue
Replies
0
Views
673
Website Support & Development
modman9
modman9
Orionshost 70% Off

Latest posts

Forum statistics

Threads
69,498
Messages
910,047
Members
239,991
Latest member
Lordharrison001

Share this page

Share this page

About us

  • Our community has been around for many years and pride ourselves on offering unbiased, critical discussion among people of all different backgrounds. We are working every day to make sure our community is one of the best.

Quick Navigation

Forums Contact us

User Menu

Login
Community platform by XenForo © 2010-2022 XenForo Ltd.
Top Bottom