Okay, so I've been getting an error from my plug-ins about an invalid header. After some research, I'm thinking the site was hacked. Here's what I did:
- Changed the admin password to something even harder than befre
- Changed the secret keys to new salt keys & updated the config file
- Deleted all the plugin files from the host side and installed all new copies
- Installed an antivirus plugin to scan everything in Wordpress
The plugin I'm using says it suspects malware. Every scan has the same line of code:
... preg_replacezwhnxvilco'; $zgriczqylu = explode(chr((288-244)),'2438,54,4828,24,3367,51,9827,38,7257,5 ...
How do I go about removing this from wherever it resides?
Current Setup:
- Theme X theme
- Multiple plugins, all seems to be reputable and most are purchased instead of free versions
- Updated to Wordpress 4.0 yesterday, but found the invalid header error today
Sorry, if this is a repeat, I've looked through a few other posts that include steps that talk about removing the lines of code from the plugin php files, but not sure how to find and do that .
Thanks!