One of the sites I manage (psychiatryQbank.com
) has been hacked. It had outdated wordpress, templates and plugins versions and also a weak password.
The hacker added many files and pages in the server, created fake users, etc. I manually remove them all and did a wordpress restore from a backup done before the attack. After that, updated everything and changed the password, revised some folders permissions according to the wordpress docs. Also installed a security plugin called All in One WP Security and it now says the site is secure.
I went to this site: https://sitecheck.sucuri.net
and did a scan. It says I still have malware.
Anyway, what worries me the most is that this site: psychiatryQbank.com Book Archive
seems to be active and I DO NOT HAVE any page or post called 'download' and I do not have any other wordpress instance installed in my server in the 'download' folder. What is worse, I DON'T EVEN HAVE a 'download' folder at all in my server.
Could anyone please help me?