I have several instances of WP on one hosting server.
All of them were hijacked. The sites were available, but when I found it through Google, they were suddenly redirected to some polish domain with some malware.
I found that in files wp-config.php and 500.php and maybe others were strange codes starting by something like this :
And there was probably that redirection. So I reinstalled tens of my sites :-(
But now, I would like to prevent this situation, and I am not sure, how it happened. This code was written into php files, which are not part of WP templates.
I am not sure if my FTP password was somehow stolen or something like that ? Or any other type of hack ?
I already change all passwords etc, but still I am quite stressed by this ...
Has somebody similar experience ?