WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] Site keeps getting hacked with most recent WP version (4 posts)

  1. SRD75
    Member
    Posted 6 months ago #

    For about a year, my site has had the following files injected into the file system:

    wp-admin/images/pxGnMSNjOgfM.php
    wp-admin/user/IZVoyKGRxHzP.php
    wp-admin/user/EeBGfsiVBLxa.php
    wp-includes/Text/Diff/Renderer/vDNLdpjrxhBu.php
    wp-includes/SimplePie/Net/FCSsGjSuZbut.php

    Currently, I have the following plugins activated:
    - Akismet
    - Better WP Security
    - WP Remote

    In the past, I have also had the following plugins activated:
    - AddThis Social Bookmarking Widget
    - AntiVirus
    - Block Bad Queries (BBQ)
    - Broken Link Checker

    When I have discovered a hack, I have overwritten the remote site's files with a newly unzipped copy of the current WP version files.

    I recently updated to WP 3.8, and Better WP Security's file change warning just warned me that today the same files are back.

    Any ideas on how to stop this happening?

    Thanks.

  2. Tara
    Member
    Posted 6 months ago #

  3. SRD75
    Member
    Posted 5 months ago #

    I went to create a cron job, and I discovered 5 cron jobs which were copying the files into my website from a remote host.

    I deleted the cron jobs, reset my cPanel password, and reset my FTP password.

  4. Tara
    Member
    Posted 5 months ago #

    Glad you sorted it out :)

Reply

You must log in to post.

About this Topic

Tags