1

I am working on project on localhost (not live yet) which is built in php using codeigniter framework, recently it start showing warning message which might due to malicious code injected in website, I tried all solution like checked my index.php, .htaccess and other plugins but nothing worked for me, I have followed some blogs also how to remove malware from site but that also didn't work, so my question is how to figure out in which file, in which line malicious code is injected and how to remove using any plugin or offline tool.

some links which I followed:

https://www.globalsign.com/en-in/blog/how-to-find-malware

https://dzone.com/articles/what-is-deceptive-site-ahead-warning-in-chrome-and

MSP
  • 57
  • 2
  • 8
  • 1
    I'm not sure how someone could inject malicious code into the site if it isn't even online yet? Are you using some third party JS libraries that might be doing some funky stuff? – M. Eriksson May 11 '20 at 09:16
  • @ Magnus Eriksson this website was developed already and kept at test server,due to modification in admin panel again I am working on it by downloading from test server and start working on localhost – MSP May 11 '20 at 09:19
  • as u told js plugins are responsible, I am unable to figure out which plugin for file has malware code – MSP May 11 '20 at 09:21
  • I didn't say that js plugins _are_ responsible. I said it _might_ be that. It can also be a false-positive (the browser thinks there is an issue where there isn't one). You need to do some more debugging. – M. Eriksson May 11 '20 at 09:26
  • @Magnus Eriksson how to resolve this issue, it is urgent. – MSP May 11 '20 at 09:27
  • Not Having Proper SSL Certificate is a possible reason for that message, try to use online website with https. – Simone Rossaini May 11 '20 at 09:30
  • You need to do more debugging to find the reason. Btw, instead of downloading the site from the server, keep it in version control (like git). Then you only get it from there and push it to the server when you want to release something. Then you have the site versioned and can easily roll back if needed. You also know that you're working with a clean code base. – M. Eriksson May 11 '20 at 09:31

1 Answers1

0

I was having the same issue couple of weeks before. I noticed that wp has been installed automatically in my CI. Then i try to find from where it's calling. Then i found something in my libraries that i installed. Firstly i remove all that calls and then remove one by one wp files Note: Don't forget to check your htaccess files. That was my case you might have same. Else you can search.

Muhammad Rizwan
  • 27
  • 4