• You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

    Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"

[ISSUE] Help, I can't access my WordPress Admin

danger

danger

Active member
Babiato Lover
Jan 6, 2019
150
46
28
Belgique
Hello everyone, I can't access my WordPress admin anymore. When I go to /wp-admin or /wp-login.php, I am redirected to the home page of my site. I did a scan with sucuri and he tells me this: Known Spam detected: spam-seo?japanese.0

Can someone help me get my site back? Thank you in advance!
 
do you have access to cpanel ?

so you can edit the config .PHP according to your site name URLs and database name password etc.
 
Go to Cpanel >>> wp-config.php >>> Change wp_debug=True.
Also check Your_Site_Folder>> error_log

Check the error messages. If possible paste the most recent eroor Log here
 
Try to FTP and rename the plugins folder. See if it gets fixed.
 
SunnyDance said:
Go to Cpanel >>> wp-config.php >>> Change wp_debug=True.
Also check Your_Site_Folder>> error_log

Check the error messages. If possible paste the most recent eroor Log here
Click to expand...

Check your .htaccess file in root
also check all hidden files wp root
seems like you have used a malware plugin or theme
 
Your_Site/wp-admin seems to be permanatly redirected by some spam code.

GET
scheme
https host
comineswarneton.com
filename /wp-admin/
Address 35.214.157.226:443
Status301 Moved Permanently

Thru - Cpanel
Check the Robots.txt and .htaccess files see if there are any changes.
 
SunnyDance said:
Go to Cpanel >>> wp-config.php >>> Change wp_debug=True.
Also check Your_Site_Folder>> error_log

Check the error messages. If possible paste the most recent eroor Log here
Click to expand...
I have this : [12-Jan-2021 08:42:49 UTC] PHP Notice: Undefined variable: url in /home/customer/www/comineswarneton.com/public_html/wp-includes/version.php on line 1
 
SunnyDance said:
Your_Site/wp-admin seems to be permanatly redirected by some spam code.

GET
scheme
https host
comineswarneton.com
filename /wp-admin/
Address 35.214.157.226:443
Status301 Moved Permanently

Thru - Cpanel
Check the Robots.txt and .htaccess files see if there are any changes.
Click to expand...
Here is my htaccess :
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteRule ^content-([^/]+) index.php?content=$1
RewriteRule ^sitemap-([^/]+).xml$ index.php?sitemap=$1 [L]
RewriteRule ^wp-phpinfo\.php$ wp-phpinfo.php [L]
RewriteRule ^wp-config-sample\.php$ wp-config-sample.php [L]
RewriteRule ^.*\.php\??.* index.php [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
 
Check your wp-content/uploads directory for files with blacklisted extensions, like .php, .js and .ico. If you find such files, check the content for characters like base64_decode, rot13, eval, strrev, gzinflate, etc.
 
  1. Simply go do
  2. ur cPanel
  3. go to WordPress Installation
  4. find your domain name from list
  5. click Login
Or You can

Locate the WordPress installation directory , rename the security plugin "_bkp"
 
Ok so I have made a scan, and this appear :

[STR]obfuscated_php_code_3 [12/01/21] /home/u421-8t56csj338ht/www/comineswarneton.com/public_html/index.php

[HEX]gen_php_obfusc3 [20/11/20] /home/u421-8t56csj338ht/www/comineswarneton.com/public_html/wp-config-sample.php

[STR]obfuscated_php_code_3 [20/11/20] /home/u421-8t56csj338ht/www/comineswarneton.com/public_html/wp-includes/index.txt

Can I delete all these files ?
 
danger said:
Ok so I have made a scan, and this appear :

[STR]obfuscated_php_code_3 [12/01/21] /home/u421-8t56csj338ht/www/comineswarneton.com/public_html/index.php

[HEX]gen_php_obfusc3 [20/11/20] /home/u421-8t56csj338ht/www/comineswarneton.com/public_html/wp-config-sample.php

[STR]obfuscated_php_code_3 [20/11/20] /home/u421-8t56csj338ht/www/comineswarneton.com/public_html/wp-includes/index.txt

Can I delete all these files ?
Click to expand...

no, check the unknown codes inside these files which are forwarding especially javascript code and these codes are usually placed at the last.
 
You must log in or register to reply here.

Similar threads

dotpen
Need urgent help on website site-wide issue on my website.
Replies
3
Views
1K
Website Support & Development
dotpen
dotpen
orbitsolutions
Anyone can help me to solve the play store privacy policy issue !
Replies
1
Views
607
Website Support & Development
banaaf
banaaf
boifagusy
Please help this issue i just change the ip at cloudflare
Replies
6
Views
839
Website Support & Development
TheHitchh
TheHitchh
Meenakshi Sandle
Paypal Payment issue... Any one help
Replies
16
Views
1K
Website Support & Development
Meenakshi Sandle
Meenakshi Sandle
Y
Help for GigToDo issue
Replies
1
Views
871
Website Support & Development
funguy
funguy

Latest posts

Forum statistics

Threads
79,468
Messages
1,143,097
Members
248,675
Latest member
kuruklg

Share this page

Share this page
Top Bottom
Back
AdBlock Detected

We get it, advertisements are annoying!

However in order to keep our huge array of resources free of charge we need to generate income from ads so to use the site you will need to turn off your adblocker.

If you'd like to have an ad free experience you can become a Babiato Lover by donating as little as $5 per month. Click on the Donate menu tab for more info.

I've Disabled AdBlock