A code injection attack can be hard to detect. Your first warning may be that users get a browser warning when they access your site. It could be that the email you send has been blacklisted. It might be content on your site that shouldn't be there. Your site might stop appearing in search engine results.
If you see warning signs like these, you should check the files in your WordPress installation for recent changes. A theme's
functions.php should be no newer than the latest update of the theme. If it's newer, you should check it for suspicious code, such as the section quoted in this article.
If you find a problem, you can try
cleaning malware from website yourself. To attempt it, you should be comfortable going into file directories, examining files, working with a database, and making changes. A relatively simple fix is to restore the site with a backup from before the infection happened. Be wary of overwriting essential data on one hand and failing to remove the root cause on the other.
If the attackers don't overplay their hand, the malware can remain in place and do subtle damage over a long period of time. To catch and remove infections quickly, you can
sign up for our monitoring and cleanup service. We have a variety of plans to suit your budget and the level of protection you need. Having ongoing protection will make your site more reliable and give you peace of mind.