ubaphyggMy WP site for our parish was just hacked.
The hosting company said they found a PHP shell in the theme directory.
They removed it and restored from a backup. Now all is well.
The question remains - how did that happen?
And is there a way to keep it from happening again?
I appreciate any insight you may have on this.
Thanks
