Hi Wordfence,
My developer finished uploading my new website to my cloud server last Thursday, November 1, he then installed Wordfence plugin. All was well when I last checked on Friday, November 2. On Monday, November 5, he contacted me and asked if I had made any changes to the website. I had never touched the admin of the website.
I immediately checked the website and there was the same error on the new website and ALL the other websites on the server: Parse error: syntax error, unexpected ‘text’ (T_STRING), expecting ‘,’ or ‘) /srv/users/serverpilot/apps/WEBSITENAME(APP)NAMEGOESHERE/public/wp-includes/class-oembed.php on line 461.
I hired a specialist developer in cloud servers and he responded:
“Mam, this issue was not caused by Woocommerce or your theme compatibility. I can see your developer installed a security plugins wordfence which injected a site malware and infected all your websites. The hacker added some custom code very badly and not possible to restore the original code without backup. https://newwebsiteurlgoeshere.com/wp-admin/admin.php?page=WordfenceScan”.
He sent me a log of all three of my website that displays extensive malware in every code and every plugin for the websites. He was able to restore the wp-admin access to the sites and get the website to load, but they load severely slow and show damages in the design and images. The malware is still present because he tried removing it from one website and distorted it, so I stopped him from removed the malware from any other website.
Please assist me, I will privately email you my urls and server information is you need this.
Thanks.
