Website recently received a "Deceptive Site" notice from Google. I am unable to access the dashboard via wp-login.php. Thought about using FTP to upload a Malware scan plugin, but how would I activate it? What are my options?
Navjot Singh answers:
Use FTP to take a backup of your themes/plugins/uploads folders and then delete all uploads, plugins and the inactive themes from your server. Also delete the wp-admin and wp-content and remaining wordpress files from the root folder except for wp-config.php and replace them with the files from a freshly downloaded wordpress install.
Also look for any suscipious file or a recently modified file which you didn't modify in the themes folder or the root wordpress folder.
After making these changes, try to log back in your site.
Monit Jadhav answers:
It seems like a malware, Check for any weird looking files on FTP root remove them if possible
Comprehensive guide here
Detailed tutorial similar to what Navjot said
Wordpress Guide on hacked sites
Hardening Wordpress so as to avoid future mishaps of this kind
A word from google on how to fix this
Also check out these two links below as well
Hope this solves the issue
Let me know if the problem persists
Can you share your website url?
What does google webmaster/console report says?
You can find many tutorials on youtube to cleaning wordpress files.
Here is one.
Sometime Hackers inject Scripts in database so you have to check that also.
There could be Malicious script in your theme or upload directory files so before restoring/uploading it with new wordpress files please check them also.
Many hosting provider can help you to clean infected website/files you can ask their help also.
After cleaning website you need to go to google website/google search console to let google know that website is clean now.
Don't forget to check your .htaccess file too. sometime redirect code is added there.
google webmaster/console report --
Google Safe Browsing recently detected phishing
The following were flagged --
. . . /wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=2.8.0
. . . /wp-content/themes/genesis/lib/js/menu/superfish.compat.min.js?ver=2.8.0
. . . /wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.5
. . . /wp-includes/js/hoverIntent.min.js?ver=1.8.1
. . . /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
. . . /wp-includes/js/jquery/jquery.js?ver=1.12.4
. . . /wp-includes/js/wp-embed.min.js?ver=5.0.11
. . . /wp-includes/js/wp-emoji-release.min.js?ver=5.0.11
Hariprasad Vijayan answers:
Checkout these links
Francisco Javier Carazo Gil answers:
You can do a complete scan using WordFence.
I have done some times and it worked great.
Check about the result of the scan.