Nothing like getting an out of the blue “Abuse Notification” from you webhost provider. Sigh.
About 9:00PM last night I got the warning that there was malware on my wife’s WordPress site. Scripts in three unrelated files, and who knows what else damaged.
Earlier, doing my normal maintenance, I found that the plugins and theme updates would fail. This was the first hint that something was amiss. (for the record, the three other WP blogs on the same VPS were and are fine).
I manually changed the permissions, and forcibly re-installed these plugins, and thought all was well.
Then the Abuse message. Shit.
The hosting company quarantied the affected files, and they all were in a plugin that was part of the theme. Revolution Slider. We weren’t really using it, so I removed it (forcefully), yet there is still something hinky going on.
This weekend, I will do a deep clean, and fix it all up. Alas, I really didn’t want to blow a bunch of hours on this. I will also look at a malware monitoring tool for my VPS.