Nowadays, there is a New Virus from the domain directednotconverted.ml, lowerbeforwarden.ml & donatelloflowfirstly.ga are infecting many WordPress sites. In this article we are going to remove Remove directednotconverted.ml virus from wordpress site.
List of common malware that affects the WordPress website are:
It happen due to some recent vulnerability found in Wordfence plugins. Millions of WordPress sites has been affected by the bug in the Wordfence Plugin. Follow these steps below to Fix this WordPress redirects hack.
Step to directednotconverted.ml from WordPress Site:
(1) Open cpanel and Goto public_html folder of your site. If you find a file name called: _a, _f, _s, it’s a malware injection code. You need to remove these files.
Delete this code if you find it. You might also find this code in every post and every index.php file.
Open PHPMyAdmin and choose your Database and Search for wp_post table. Edit any post and see whether these scripts are present or not.
(4) To delete the code from every post, you need to open PHPMyAdmin and select your database name (in my case, DB name is crazytech_wp). Run the SQL query to remove the scripts. In my case, I found two scripts:
- To remove lowerbeforwarden.ml.
- To remove js.donatelloflowfirstly.ga script.
If you find some new script in your post then put same query just replace the script part.
UPDATE wp_posts SET post_content = (REPLACE (post_content, "Add_the_script", ""));
This method will also work for similar viruses. It would help if you changed the domain name accordingly.
(5) Lat step Check your siteurl and home URL in the wp_options table in the Database and make sure it is pointing to your domain.
Example of this – You can see the below script in siteurl or home URL. If you find this url then remove and add your url.
Now we have successfully Remove directednotconverted.ml and lowerbeforwarden.ml viruses from WordPress Site. If you still have any issue then comment below.
Also Read: How to Use Internet in Flight Mode 2020