Code injection

What is code injection? one of the websites it gets hacked by someone because when I open my website it gets redirected to another website. I have removed that code injection script from the website and also removed his database files from my server database but its temporary solution I guess because again I am getting spam links on my website.

How I can solve this problem. please help me with permanent solutions for the same.

What is your current hosting plan? shared or a VPS? Which control panel are you using? and are you using Worppress?

It could come from your platform or your hosting, you need to secure your server and website after removed malware codes.

Maybe you need to contact this person @Malware.Expert

His service here https://forumweb.hosting/marketplace/malware-scanner-and-removal-tool.1728/

Unisecure said:

What is code injection? one of the websites it gets hacked by someone because when I open my website it gets redirected to another website. I have removed that code injection script from the website and also removed his database files from my server database but its temporary solution I guess because again I am getting spam links on my website.

How I can solve this problem. please help me with permanent solutions for the same.

Click to expand...

If you are using whm cpanel, consider of installing Mod Security and configure it, it should help well. Oh and never ever use cracked themes/template, because that's why they are cracked/nulled.

@Unisecure
I would consider a professional clean up service or contact host if possible run a scan using https://sitecheck.sucuri.net as well as https://www.virustotal.com/#/home/url considerr https://www.malcare.com/pricing/ for clean up look under hack clean
Remember however that even though I have total confidence in this service that I’m recommending to you

The only real solution for malware clean-up is having an experienced developer to review and not just clean up the website, but to fix and patch the vulnerabilities. Plugins like the one you mentioned always end up just being band-aid solutions at best. Standard protocol for any hack is always a complete delete of files on server, clean back-up reloaded and then proceeding to patch the vulnerabilities.

also please let me know if i was able to help you today?

I remember this happening to me on my blog. I didn't know what to do really. There are lots of unknown posts inserted on my DB that links to weird DVD sites. Well since I'm the only one managing the website, all I did was upgrade my wordpress (since there was a security update). Manually deleted those weirdly inserted data on my DB and added security measures when adding comments and on my login page (adding captcha). It worked fine after that.

No malware find or removal tool can help you here to stop the attack...what you need is to identify how the hacker could exploit your application and inject code and patch that security hole...at the same time a good WAF can help you as well to protect from generic and modern attacks....of course a good scanner can enhance the protection level.