WordPress.org

Support

security

  • Hi,

    I have several sites running using themes I purchased from a high-end template site. The sites are related and there is a link to the other sites on each site. The templates are from the same template company but made by different authors.

    I use WordPress file monitor and recently I’ve been getting emails like the following:

    Changed:
    wp-includes/js/l10n.js
    wp-includes/js/jquery/jquery.js
    wp-content/themes/stereoline/js/jquery-1.4.1.min.js

    The email has a link to the site and when I click on it I am taken to the site and then, after a short wait, redirected to some “celebrity gossip” site or similar. But if I try to go to the site itself again, I am no longer redirected. (The file monitor alert exists inside the back end of wp as well so it is not a fake email.)

    This has been happening to one site and then another. I contacted my hosting company and they cannot detect any malware on my sites and assure me that their servers are secure.

    I contacted the template companies and they tell me there are no “holes” in their templates. And as far as wordpress, I am using the latest version.

    Not sure what to think anymore and how they are getting access to make these changes. I use fairly strong passwords and have removed all ftp access to the server.

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘security’ is closed to new replies.
Skip to toolbar