Hi All,
Having an issue where when a user does a google search for my website, it appears but the links seem to be correct but when you click on them it brings you to a site selling drugs.
I have installed wordfence and it is notifying me that there the File appears to be malicious: wp-content/mu-plugins/gd-lib.php
Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: setcookie('engine_ssl_. The infection type is: Backdoor used to remotely control server.
Any one any ideas if this is a false positive or is there an issue
In your post I provided a link to check for security issues. Did you try that? Go to this link and run a test to find out for sure.
If in fact you are hacked the site has to be cleaned. GoDaddy does offer this service as well.
HTH! 😉
I'm using Wordfence to scan my site and it is alerting me to potentially malicious code:
HOWEVER, every time I remove the file it completely disables my site, and I'm unable to access my WP dashboard The only way to restore the site is to roll back to a previously saved version via my Godaddy backup service.
Is this actually malicious code or is it a file installed by Godaddy?
Any help much appreciated.
Ben