My wordpress site's backend cannot be accessed and when I try to go to wp-admin page, it only shows a blank page.
And when I check via the file manager, I discovered some unusual code has been generated on the top of some of the Wordpress and Theme files (wp-cofing.php, header.php, footer.php ..etc.)
Here's an screenshot of my wp-config.php file
https://www.dropbox.com/s/otk1xq2i7t6yojr/Untitled.png?dl=0
So, what is this ? Never experienced such thing in my life...
How to get my site back ? All the sites on that server has been affected...
Odds are, that malicious string is the same in all the affected files. Remove them all manually ( search + replace across the entire installation folder ).
That should get admin side running.
Then install a security plugin ( e.g. WordFence ) to scan the installation for any other suspicious code.
Then change your passwords and hashes in the config file.
