wordpress wordpress redirection virus WordPress Security Experts Tips Wordpress Security Tips WordPress SPAM Solution

How to remove spam/virus or redirection virus

In this article I’m going to explain you about SPAM/virus. How it works, and how to remove SPAM/virus form your WordPress website.

Symptoms of this SPAM in WordPress:

  1. You are redirecting to URL either you are open your website or admin panel.
  2. There are no suspicious codes written on wp-config.php or index.php file.

The below-mentioned spam removal method will work  if you have any one of the below-mentioned cases:

  1.  If you are you using Astra Themes then check your plugins folder have astra-sites plugin installed.
  2. Check your database options table are you getting site_url option as “” or “” or both.

If yes then below solution can work perfectly for you:

Category of this WordPress SPAM: SPAM comes under  WordPress redirect spams or WordPress redirect hacks and it mainly uses to redirect traffic to other websites. Advertisers are the main source of income for these hackers. Because advertisers need to show traffic on their websites but it’s quite difficult to generate organic traffic. So, they hire hackers/spammers to generate traffic using this kind of methods.

But, here is a positive thing for you: In 99% cases your website content is safe because their primary target is to drive your website traffic to their website.

This means these hackers just do it to earn money and not to steal your website data or ruining your online reputation. That’s the basic difference between hackers and spammers.

It’s quite hard to figure out if you don’t have WordPress security experts in your development team. I have done two quick fixes and the site started running again. But to find these fixes, I did a complete audit of WordPress website for around 2 hours.

How to remove WordPress SPAM SPAM in wordPress SPAM in WordPress

Step 1. Login to your database, in options tables, change these two options to your original domain. to to

Step 2. Remove astra-sites plugin from the wp-content/plugins folder. This plugin is the targeted folder for hackers.

Step 3. Rename your cache plugin if you are using any. By doing so your cache plugin will be disabled and your changes will reflect instantly.

Now hit your website URL.

And you are done!

It’s quite recommended by the WordPress security team of NexGen Innovators to remove it because it exposes the server configuration while importing your theme.

It may be possible that the spammer has been selected some other weak plugin of your website. So this option will not work for you. In that case you can contact to our WordPress Security Experts to audit your complete website.

Tech Tips Web Development wordpress Wordpress Security Tips

Disable php script execution in wordpress upload folders using htaccess

Checking each plugin security is very difficult while working with wordpress. It required great skills of PHP language. So here I’m (Anup) to help you guys how you can disable execution of PHP or any other script.

How attackers use this to install malware in your website?

Each plugin and wordpress in itself upload all media files into upload folder. Sometimes you install some plugin and they install some executable script in your upload media.
e.g for this blog we have directory:

And a new plugin install a script

A single php script is enough to create anything in your website – even a file manager can be write in single php script. But what if this php file works like an HTML file.

Yes we can stop by simply installing a .htaccess file in upload folder.

How to install .htaccess to disable disable php script execution in wordpress upload

  1. Choose upload folder or anywhere (folder) where you want to stop php script execution like. Make sure not to install in root folder of your website. Otherwise your website will stop working. 
  2. In my case I selected wp-content/uploads folder
  3. Create a test.php or any file in this folder like in my case I created anup.php in in your folder. and paste following code
    echo "Hello";

    so final URL to access this file is – http://anups-air/wp/wp-content/uploads/anup.php

  4. Hit your URL in browser – you should be executed file code – means <?php and echo word should be removed. like I’m getting following output:
  5. Now let’s move to disable it. Create .htaccess file in wp-content/uploads/ folder
    <Files *.php>
    order deny,allow
    deny from all
  6. Now access your URL – http://anups-air/wp/wp-content/uploads/anup.php it should come as below:
  7. All Done

If you are still getting old output then you were unable to config properly. In this case you can take wordpress experts guide or help.

You can also comment your problem below.