Posted 1 year ago #
Hi All,
I'm using hostgator for my hosting and when I logged into cpanel I noticed that I had a bunch of processes running.
When I clicked on details, they were all the same. Many of my WordPress sites had this:
(my domain)/wp-includes/class-read.php
Does anyone know what this is? Is this normal for a WordPress site to run this process, or does this indicate I'm being hacked somehow?
Thanks, Susie
Have you tried:
- deactivating all plugins to see if this resolves the problem? If this works, re-activate the plugins one by one until you find the problematic plugin(s).
- switching to the Twenty Ten theme to rule out any theme-specific problems?
- resetting the plugins folder by FTP or PhpMyAdmin? Sometimes, an apparently inactive plugin can still cause problems.
Posted 1 year ago #
Hi,
I haven't gone that far but...I did see the file class-read.php. But when I try to edit it, I see binary code so it looks like it's some kind of program rather than a php file. Also as a test I did a new wordpress install. There is no class-read.php file as part of the new install. Which makes me think it's a hack thing.
Maybe I'll just delete class-read.php and stop the process.
Posted 1 year ago #
Well..this is interesting.
That class-read.php file has a modified date of 11/3/2008 at 6:25 pm. There are three other files that have exactly the same modified date and time:
class-pop.php (text file, part of my new WP install)
common.php
wp-vars.php
These last two files are exactly like class-read.php in that they are binary files and they do not exist in my new install.
I'm not sure what that all means.
This topic has been closed to new replies.
