1. If your site gets hacked, there are visible files and code that you (addressing developers and programmers) can find yourself, but that will not suffice…
2. It’s very probable that there are “Backdoor Files” also located on your server, or database, that are almost impossible to find, unless you have experience in dealing with these types of files. Backdoor files basically give hackers access to your server after you remove the immediately visible files or code, and/or change all your passwords.
3. You need to change ALL your passwords, and make sure they are difficult. It doesn’t do any good if you replace a password with something that is easy to hack. It also doesn’t do any good to change passwords if backdoor files still exist on your server, so make sure all files and malware are removed prior to you changing ALL your passwords: FTP, hosting control panel, WordPress or CMS, database, emails.
4. You need to scan your computer for malware or viruses, because you may be compromising the site from your end by uploading infected files on to the server. Basically, all ‘users’ that have access to the infected website and server, need to run a malware and virus scan.

So, what is the solution that I found?

I spent several hours researching because I really didn’t have any experience, or knowledge on how to resolve this. Ultimately, I found, and read up on Sucuri.net. They actually have a free scanner, that will scan and report malware on your site, for free.

The scanner is great to confirm if the issue you may be having is a result of your website being compromised, but ultimately you need someone to manually go in and find those backdoor files on your server and database, to fully clean your site.

I ended up purchasing one of their plans (they start at about $89 per year) for my client, and in less than an hour my client’s site was up and running, and malware free. The main benefit of the plan is that an actual technician, with actual experience in these matters, accesses your server and database, and manually scans for these backdoor files, and removes them. Additionally, if you run WordPress, as I do for most of my client’s sites, Sucuri offers a plugin that allows you to manage and monitor your website from your WordPress admin.

I wrote this not to sell you on their product, but to share my solution after spending several hours trying to learn and resolve the issue that arose with my client. If you find this, and need to get your site, or one of your client’s site up and running ASAP, I recommend purchasing a Sucuri plan. It will save you several hours, and several hairs!

Finally, don’t forget to change ALL passwords, and make them super difficult!

function jpeg_quality_callback($arg)
{
return (int)100;
}
add_filter('jpeg_quality', 'jpeg_quality_callback');