What is this Virus in index.php file –

The type of the virus normally is shown as  SiteLock-PHP-FILEHACKER-rv.UNOFFICIAL by the virus scanner. It can be a foreign javascript or php code or iframe in your index.php file. These scripts or code might be redirecting your website to some other adware site or trying to steal sensitive user data from your website or might try to bring your website down altogether.

How to Disinfect index.php file of Virus –

Directly deleting this file doesn’t work in this case as it is the core file of the WordPress system and removing it will crash your website down. There are two ways you can disinfect your website of this virus in your index.php file.

Method 1 – Replacing it with a fresh index.php file from a similar version of WordPress – As this file doesn’t contain any running data so it can be replaced with a fresh file. Follow the steps to do this :

  1. Go to your file manager from cPanel or FTP account
  2. Reach to the installation directory of WordPress, usually, it would be public_html
  3. Look for index.php file and delete it
  4. Download the fresh copy of the similar version of WordPress from wordpress.org
  5. Unzip the downloaded files and look for index.php
  6. Upload only the index.php file in the same directory from which you deleted it.
  7. Done. Your website should be working fine now.
  8. Also run the virus scanner once just to be double sure.

Method 2 – Removing malicious code from index.php file – You can also remove the malicious code from index.php file. Follow the steps :

  1. Go to wordpress.org and download the fresh copy of the similar version of WordPress and unzip it.
  2. Open the index.php file from the freshly downloaded copy on your local system and on the server in file manager.
  3. Compare both files to find out the extra lines of code in the server’s copy.
  4. Once you find these extra lines, delete them.
  5. Run the virus scanner again.
  6. If it doesn’t detect your index. php file as virus this time, it is done.
Was this answer helpful? 4 Users Found This Useful (5 Votes)