Got a new Server? Must check IP reputation before production use


I just launched a new instance. It’s IP says -

Tip: Whenever you get a new IP, make sure to check the IP reputation before it can harm your site.


(Janaki Vamsi) #2

Hello there , It seems to be a virus which came from php eval (base64_decode). It is an encrypted virus which they will add redirects to IP address and will use our to get add bad advertisements. It is really very hard to get rid of that . Check functions.php, header.php, sidebar.php, single.php.
From the starting you can see that compressed come and just try using some online descriptors like

When you decode it you will see all the bad ip address they have linked.

Recently I have recovered a similar infected site of my client. Whenever you see that code you just need to act quickly. Soon I will try to write a How to guide on this .

Thanks & Regards,