WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] some code base64_decode and files in my website? (5 posts)

  1. taghaboy
    Member
    Posted 1 year ago #

    hi all,
    I have some strange files in my website, and i dont know how it was her, for example i have in the root and in the folder "www" a php file :
    default.php
    with this code inside it :
    <?php eval(gzinflate(base64_decode(".......; ?>

    hacking code removed by moderator

    Also i have some code in .htaccess with a link inside it :
    [ redacted ]

    Is any one know how those files are inserted in my website?

    Thanks

  2. You got hacked. Work your way through these resources and follow all instructions to completely clean your site or you may be hacked again. See FAQ: My site was hacked « WordPress Codex and How to completely clean your hacked wordpress installation and How to find a backdoor in a hacked WordPress and Hardening WordPress « WordPress Codex.

    Change all passwords. Scan your own PC. Use http://sitecheck.sucuri.net/

    Tell your web host you got hacked; and consider changing to a more secure host: Recommended WordPress Web Hosting

    If you can't do the work yourself, consider looking for a reputable person to fix it correctly on jobs.wordpress.net or freelancing sites such as Elance. (It's not a good idea to respond to unsolicited emails from forums users offering to work for you.)

    Some plugins might be useful: Search for "security" « WordPress Plugins

  3. taghaboy
    Member
    Posted 1 year ago #

    Thanks for all information, just last question :
    I scan my pc with Kaspersky PURE with last update and MBAM, the result for virus or trojan are 0, i connect to the net with the Sandoxie.
    so, is my website hacked via my PC or via my server (hosted in OVH.com)

    Thanks.

  4. Your server at OVH.com.

  5. taghaboy
    Member
    Posted 1 year ago #

    i ask any moderator to delete the link in my first post, it's dangerous .
    Thanks and sorry to provide it.

Topic Closed

This topic has been closed to new replies.

About this Topic