it works very well for most hacks
it doesn’t work if someone guesses/forces your passwords
thanks for replying!
any idea how someone got that code into my index.php?
it would only be a guess
likely a weak password on a shared server opened every site on that server for sql injection or xss
So maybe not even necessarily my PW but a neighbor on Bluehost?
I changed all my PW’s and did all the suggestions in the Codex. And installed a few security plugims, so hopefully I have prevented this same thing from happening?
thanks again for the input.
Plugin Author
AITpro
(@aitpro)
As funny as this may sound I am somewhat excited and of course i feel your pain. When your site is hacked it is at minimum a very aggravating experience. I am sorry that you had to experience this.
Which version of BPS did you have installed?
Which Theme are you using. There are quite a few free Themes floating around that come “pre-hacked” the code that adds these links is already in the Theme. Ugh.
Exploit Scanner is an excellent plugin to check for suspicious code in your Theme and website.
Please send me your website URL via the AITpro contact form so that I can run some scans of your site. Thanks.
Ed
Hey Ed, I am emailing you now from your site contact form.
thanks
oh yeah, I am glad you are excited!
Plugin Author
AITpro
(@aitpro)
Whoops my bad. I read this comment wrong. I thought you already had BPS installed. 😉 Phooey and Yeah!
Regards,
Ed