WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] BPS - one type of file still gets injected (2 posts)

  1. poisonborz
    Member
    Posted 2 years ago #

    Hola,
    After a string of all-round php injection attacks, I've looked for a solution, and BPS proved to be awesome. But... One type of file, namely header.php in each theme folder still gets infected. Is there a way to protect those too?

  2. AITpro
    Member
    Plugin Author

    Posted 2 years ago #

    BPS is designed to keep hackers from getting into your website. If your website has already been hacked then BPS cannot automatically clean it up.
    BPS will block a lot of hacker scripts if your website is already hacked, but it cannot block everything.

    You should restore your website from a good backup or do a clean installation of your site if you do not have a good backup to restore from.

    Here is the bigger picture. Let's say that since your website was already hacked then most likely the hackers have placed backdoor scripts throughout your website files and maybe even your database. They will continue to execute those scripts remotely or maybe some of them are set on a timer to reinfect files at regular intervals. You need to completely clean or reinstall your website in order to ensure that no hackers scripts are still in your website files and/or database. You should also change all of your passwords. If you are not using an obscure Admin username account then create one. You should also be using a Login protection plugin that bans failed login attempts after X amount of failed login attempts.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic