• I’ve recently had a *lot* of hits on the xmlrpc of one of my sites (56,000 per day) – even though it’s 403’d in .htaccess

    Roughly simultaneous with that (I’ve not trawled the logs sufficiently to know exactly when), I’ve had a bunch of code injected into the head of pretty much every PHP file I’ve looked at on the site, including in template directories.

    The effect of this code seems to have been to ‘hang’ the site – it basically became unavaiable.

    Can anyone tell me what the attack is, what it’s supposed to do, how it was done, and how to harden against it? (I’m clean installing 3.8.1)

    Cheers

    Charlie

    injected code:
    [Redacted – Please don’t post that here]

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Site Hacked’ is closed to new replies.