I have Ipower host, which is suspect by many WP owners now, but I don't know if this is a security breach with them.
Added Plugin Firewall WordPress 2 2 weeks ago. I got notified yesterday that someone inserted code in my search function, like this:
's = Search this site.../trackback'.
I assume anyone using the search function would get redirected. This is only in one of my 4 blogs.
Has anyone ever seen spam be able to get in the search function before?
Also, I would like to tighten up my permissions, but 644 doesn't work for my ftp nor my host. I finally had to settle for 754. Not much different from 755, but not sure what else I can do. Suggestions?