For the last month or two I've been experiencing consistent, repeated hacks on the same WordPress blog - as far as I can tell, both the FTP and wp-admin passwords are secure, certainly not something easily "hackable".
I came online this morning to see this high traffic sites injected with this freaking code again - I've cleaned and secured this same blog at least half a dozen times now and it NEVER seems to help!
I'm super frustrated and would appreciate any help.. I'm at my wits end and this is a very important project that I need to keep secure.
By the way, I'm running Windows 7, using FireFox.
WordPress is completely up to date, running 3.3.1 - I'm using the Genesis framework and that's completely up to date, too.
- this code injected near the footer:
[ Do not post malware code here. ]
- on page load the java icon pops up on the task bar - on one occasion the script closed my browser and infected my computer with some type of malware/virus - I had to restore to get back up and running - other times the java icon loads and then nothing happens
- I found "php.ini" under the root directory of the WordPress install - it contains:
[ 1,000+ lines moderated. Honestly, do not do that again. Use pastebin.com instead if you must. ]
I'm really truly at my wits end here - if you're good with WordPress, I'll definitely consistent paying you to secure this blog for me.
Unfortunately, I didn't know what else to do, so I re-installed WordPress on the live site - I did take the ZIP of the old installation, in case anyone would like to take a look.
Thanks in advance for any guidance!