I have been getting Mixed Content error in chrome console because of wp5s.org being requested over http. I didn’t realize until I moved to https from http about this malware injection from http://www.wp5s.org/jquery.js .
This kind of malware injection can be a cause of NULLED WordPress plugins or themes and can be harmful to your website in one or other way. For me this injection was happening occasionally when I visit my blog and it triggered me of an unusual activity on my site when my own website redirected to another malware site containing ads. My friend had informed me about this before but I thought it would have been a mistake or chrome extension messing up with my friend’s browser and it was not.
There will be no issue at all when you visit your blog, but there will be many problems when someone else visits your website. Your webpage can redirect to other websites and you lose your visitors, your website ranking will go down on google. Your website will have ads you have not put, pop ups and everything you do not wish to happen, collecting user information with the help of your website.
1. Use Chrome console
Press F12 and you will get a developer tool bar at down side or your page, Navigate to Console Tab and you will find a list of errors where you can take a look at your websites incorrect content or content with any error. It will list network errors and everything wrong with your page.
Usually malware injection happens over http and if your site is having an SSL your will get list of errors stating “Mixed content …. Resource requested over http …. “.
2. Search on Google
When you think any script is unintended copy the complete URL or domain on google and possibly you will find proper result if someone has mentioned about it. You may get the website link with every detail that you think it cannot be a spam.
When your search returns a website with the same URL and if it says that “A description for this result is not available because of this site’s robots.txt” then it may be a malware.
If your website or blog is redirecting to other website then take a look at your .haccess file inside your root directory of website.
Go through your header and footer files to search the malware link. Most chances of containing there scripts are NULLED plugins. Try deactivating plugins one by one and check the console if problem is resolved. Delete the culprit plugin and never use NULLED plugins.
For me I had to deactivate a NULLED plugin, and yes I won’t use any NULLED plugin from today. I almost wasted my whole day to figure out http://www.wp5s.org/jquery.js malware injection which was causing redirection to other websites.
Comment below about how you figure out malware injections and detect any issues. I would be very happy to know more.