HACK: eval-gzinflate base64_decode | WordPress.org

MetCat
(@metcat)

13 years, 3 months ago

Hello,

The eval-gzinflate base64_decode hack has attacked my WordPress-blogg. I found a way to remove it – by simply swopping all files with my backup files. However, after some minutes, the malicious code always returns.

I have removed almost all plugins from the server but I can’t find its access door. The FTP password is changed as well. Can the code have reached my database perhaps? I’m not very good with phpmyadmin but is it something I should do there to prevent the code from coming back?

Any help is much appreciated!

Viewing 1 replies (of 1 total)

esmi
(@esmi)

13 years, 3 months ago

You need to start working your way through these resources:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Additional Resources:
Hardening WordPress
http://sitecheck.sucuri.net/scanner/
http://www.unmaskparasites.com/
http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

Viewing 1 replies (of 1 total)

The topic ‘HACK: eval-gzinflate base64_decode’ is closed to new replies.

In: Fixing WordPress
1 reply
2 participants
Last reply from: esmi
Last activity: 13 years, 3 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics