Check my WP site for base64 code?

David Beroff

David Beroff

Well-known member
Registered
Joined
Jun 14, 2016
Messages
1,498
Points
63
Is there a way to scan my WordPress site for potentially malicious code? I read a few articles and they said that I need to check my WP site for base64 code but where and how then they didn't say in details. Can you guide me?
Your help would be appreciated.
 
mobin

mobin

Well-known member
Registered
Joined
Jun 22, 2017
Messages
234
Points
28
If you are a website owner, the common and useful security plugin for WP nowadays I am hearing is wordfence. That also has a feature that actively protecting your installation. But I don't have any previous experience with it and cannot recommend; please check user reviews and see if that is useful for you.

Another easy technique is to download your files locally, scan with an updated anti-virus , clean the reported code and upload back to the server. Finally, if you can get hold on your technical support team, check whether the server is loaded with scanner software, so that you can use it to scan.
 
Sean101

Sean101

Member
Registered
Joined
Apr 15, 2016
Messages
60
Points
8
As my experience, base64 code can in included in your Wordpress file and databases.
Download your files and databases to your PC and using a tool and starting search with base64 or eval. It is better if you can manually check your files and find any suspicious codes because hackers tend to encrypt their codes to protect from viewing.
 
VirtuBox

VirtuBox

Well-known member
Registered
Joined
May 3, 2016
Messages
1,622
Points
83
VirtuBox
My opinion = no wordfence ...
Here some command to check your wordpress instance :

Code: 
# If the hack was recent, check lastly modified files
$ find . -mtime 0

# Some hacks are nice enough to include a comment for when a block starts/ends  (ex: //istart)
$ find . -type f -name "*.php" | xargs grep -H "istart"

# Normally files with hacks use base64 encoded data in an attempt to hide code
$ find . -type f -name "*.php" | xargs grep -H "base64_decode"

# Eval-ing of code is usually a sign of something naughty (allthough lots of plugins etc use this)
$ find . -type f -name "*.php" | xargs grep -H "eval("

# Sometimes php files are "hidden" inside the javascript assets folder
$ find wp-includes/js -type f -name "*.php"
Source : https://gist.github.com/andersevenrud/63b567e3489aafde64a6
 
You must log in or register to reply here.
Older Threads
David Beroff
Best Ad Networks for Web Hosting?
Replies
3
Views
3,135
overcast
David Beroff
Best paid SSL certificate providers?
Replies
14
Views
7,354
VirtuBox
mcottle
Is Zoho mail safe?
Replies
3
Views
5,005
Denis // trabia
mcottle
Mailgun vs Sparkpost
Replies
1
Views
3,387
hostproton
mcottle
What hosting offers are you looking for?
Replies
3
Views
1,894
HostBastic
Newer Threads
Mujkanovic
Generating SSL Certificate using cPanel or using Cloudflare.com?
Replies
1
Views
3,610
VirtuBox
W
What is Google's Fred Update?
Replies
3
Views
1,960
dina
W
Why it is necessary to submit website to Google?
Replies
9
Views
3,070
jenniferravon
paivadaniel
How to promote web hosting offers with ppc/ppv campaigns??
Replies
2
Views
3,217
overcast
Medhahosting
Looking for New Website desgin for hosting business
Replies
9
Views
2,833
LarsJ
Latest Threads
josephilip
Welcome to ServerMO: Excellence in Dedicated Server Hosting
Replies
0
Views
40
josephilip
cancan
Save an incredible 90% off! The Best HostPapa Deal so Far: Unlimited SSL, 50 GB NVMe, 24/7 support
Replies
0
Views
71
cancan
M
How to Choose the Best Web Hosting Provider for a New Website ??
Replies
1
Views
57
BlueLeaf
J
Jtti: What are some common misconceptions about firewall rules?
Replies
0
Views
162
jtti
Mvv758
Hello
Replies
1
Views
86
AlbaHost
Recommended Threads
Corobo
Why Signing Up Two People A Day Can Be Easy
Replies
0
Views
2,320
Corobo
MooseLucifer
Tips to optimize LAMP server
Replies
3
Views
3,761
bknights
Michele D.
Should I use classified ads to drive traffic?
Replies
4
Views
2,894
sanusense
N
SELLING cPanel Web Hosting | Host Upto 10 Domains | $3.7/mo | Instant Setup | 50% OFF Lifetime.
Replies
0
Views
1,881
nogics
Chris Worner
How to block Brute Force Attacks?
Replies
15
Views
4,897
Chris Worner
Similar Threads
Cheerag Nundlall
Checking Memcached Usage on WordPress Site?
Replies
12
Views
3,219
Mjlivera
L
Please check out my website
Replies
3
Views
1,617
Require
David Beroff
How to check new uploaded files to my websites recently?
Replies
6
Views
2,558
NoFrillsCloud
Gmeister4
How to check if my site uses HTTP/2 or HTTP/1.1 ?
Replies
8
Views
3,789
Mujkanovic
DiamondIM
How to Monitor, Check, Remove, and Prevent Malware from Your WordPress Site?
Replies
4
Views
2,780
AlbaHost

Latest postsNew threads

Latest Hosting OffersNew Reviews

Popular Contributors - Past 30 Days

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
  • cpanel
  • dedicated
  • free
  • hello
  • hosting
  • hosting services
  • marketing
  • offers
  • seo
  • server
  • services
  • vps
  • web
  • web hosting
  • website
  • wordpress
    • Top