My site reported as malware. Appreciate some guidance
I received an email today from Twitter which said it was removing a link in a profile because it was malicious. At frst I dismissed it thinking that the email itself was spam, but a visit to the site in question shows that it's been reported as a malware site.
The site is accessify.com, one that I've run (or ignored, left to fester) for some years.
What I've done/checked so far:
- I have checked FTP access and no important files (includes, common script files) appear to have been compromised, basedon file modifed dates
- I've checked Wordpress is fully up to date
- I've changed WordPress login as well
- Will change FTP password next
- I've run a network monitor on some of the pages to see if anything is being pulled down that looks like it's from an external source, but nothing showed for me
But here is where I get to my limit of knowledge. I do not doubt there's a problem, but have no idea what to do next. Frankly, given how much I do with the site, I've half a mind to take the whole site down and be done with it. It doesn't earn any money! But there are tools on the site that are genuinely useful to people
I'd like to ask some knowledgable security people here for advice. If you are able to identify where the problem lays, that would be great.