eco569My site (http://paindoctors.co.nz) has been hacked 5 times in the last 10 days. I'm at my wits end and don't know what to try next.
Things I have tried so far:
- Completely deleted everything on my account including the database and reinstalled latest wordpress version (did this twice).
- Installed some security plugins (exploit-scanner, login lockdown, secure-wordpress and wordpress firewall)
- I uploaded an html .index to my plugins folder to hide my plugins.
- I scanned my computer for malware (though I use a Mac and it's less likely to be infected)
- I changed all the passwords on my account at least twice after reinstalling wordpress, and I'm using very strong passwords
- I changed the security keys in wp-config.php
- scanned my site using Dr Web (by the way, I scanned it using Dr Web after it had been hacked and before I restored it and it came up clean!)
- I have had no plugins installed since the last time I reinstalled wordpress in case they were getting in through plugins.
- I've asked my hosting provider (Hostgator) for help and they don't seem to be able to prevent the problem.
One thing I have noticed in my FTP program is a .htaccess file keeps appearing in my root folder. I keep deleting it (after reading hackers can create these files) and it keeps reappearing. The code on this file reads:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
I don't know php so don't know if there is a problem with this.
I have just restored the site from a back up.
I'd very much appreciate any help with this problem.
Thanks in advance.
