Malware on Wordpress Site

Question

I am working on a Wordpress website hosted on Godaddy and struggling with a Malware issue.

Every now and then the webpages start displaying thousands of random links on top of the pages.

When I searched for the texts in the content files, the only place I could find them was in comet cache.

If I delete the cache files, the links go away but again come back after few days.

Can anyone please suggest how can I prevent such a scenario and what all steps I can take to secure my website from such vulnerabilties.

Many thanks in advance.

Answer 1

There's a number of things that could be causing it. Check all of the following to help remove security holes:

• Are you running the latest version of WordPress? If not, there could be a known vulnerability that is being exploited.
• Are all your plugins up to date? For the same reason as above - a poorly written WordPress plugin can open up security holes.
• Do the WordPress files and folders have the correct CHMOD permissions on the server? If not, you're asking for trouble.

I'd recommend any/all of the following as further reading:

• http://www.wpbeginner.com/wordpress-security/

• https://codex.wordpress.org/Hardening_WordPress