In the last two weeks I've had to restore my site from a backup twice. First time appeared to be something to do with a phpspy injection hack. My wp-config details were changed and several emails were sent out using a php script which was added to my server.
I did all the usual stuff. Changed passwords etc and added 'website defender' plugin to my site and followed the advice from there.
It appears it has happened again today. I have a file on my server called byroe.php and my site will no longer load.
I'm currently in the process of restoring from a backup but can you guys give me some advice on how to prevent this from happening again?
Thanks so much.