cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

File appears to be malicious: wp-content/mu-plugins/gd-lib.php

Hi All,

 

Having an issue where when a user does a google search for my website, it appears but the links seem to be correct but when you click on them it brings you to a site selling drugs.

 

I have installed wordfence and it is notifying me that there the File appears to be malicious: wp-content/mu-plugins/gd-lib.php

 

Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: setcookie('engine_ssl_. The infection type is: Backdoor used to remotely control server.

 

Any one any ideas if this is a false positive or is there an issue

 

3 REPLIES 3
Super User II Super User II
Super User II

Re: File appears to be malicious: wp-content/mu-plugins/gd-lib.php

@lukemac

 

In your post I provided a link to check for security issues.  Did you try that?  Go to this link and run a test to find out for sure. 

 

If in fact you are hacked the site has to be cleaned.  GoDaddy does offer this service as well.

 

HTH! 😉

 

 

 

Judith
"Many of life's failures are people who did not realize how close they were to success when they gave up." ~Thomas Edison

Malicious file or Godaddy? wp-content/mu-plugins/gd-lib.php

I'm using Wordfence to scan my site and it is alerting me to potentially malicious code: 

 

  • Filename: wp-content/mu-plugins/gd-lib.php
  • File Type: Not a core, theme, or plugin file from wordpress.org.
  • Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: setcookie('engine_ssl_. The infection type is: Backdoor used to remotely control server.

HOWEVER, every time I remove the file it completely disables my site, and I'm unable to access my WP dashboard The only way to restore the site is to roll back to a previously saved version via my Godaddy backup service. 

 

Is this actually malicious code or is it a file installed by Godaddy?

 

Any help much appreciated.

Ben

Re: File appears to be malicious: wp-content/mu-plugins/gd-lib.php