Clean WordPress installation hacked (no plugins)
-
Hi, last year I had a test installation on one of my domains. No plugins/themes/etc at all, just a clean installation to do some tests.
I left it unattended for some months and today I found what I think is a weird hack, compromising my website.
What afraid me most is that the WP installation was done in a folder but I found duplicated (compromised) files in the root directory where there was none of them by myself.
Compromised files: .htaccess, index.php and xmlrcp.php
Begin of the malicious code:
[ No, do not post that here again ]
I cannot find some information about this, just to let you know, I’m not sure if this is the first notice you have about this.
I can provide with the full files for you to analyze.
My web hosting left quarantined a file, not sure if this is the origin of the attack.
- The topic ‘Clean WordPress installation hacked (no plugins)’ is closed to new replies.