Title: Theme Keeps Getting Hacked
Last modified: August 21, 2016

---

# Theme Keeps Getting Hacked

 *  [thunderclap](https://wordpress.org/support/users/thunderclap/)
 * (@thunderclap)
 * [12 years ago](https://wordpress.org/support/topic/theme-keeps-getting-hacked/)
 * I help admin a site running the latest WordPress. It uses the TwentyTen theme
   version 1.6, the latest. For the last six months every so often code is added
   to the theme files causing Chrome warnings as well as other problems. The site
   doesn’t allow for user registration nor login (beside admin).
 * The first thing I did was lock the site down by changing the username and passwords
   of the database, the admin account and server (FTP) account. I added a final 
   layer of security by adding a password to the wp-admin folder. Still, code gets
   added to the theme. At a loss for what else to do I completely wiped the install
   and did a fresh install with new username and password for everything. Still 
   the code is added.
 * I don’t know what else to do. Is there something I’m missing that is allowing
   this code to be added? Is there a way to track exactly when and how it’s being
   added and from what IP?

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [esmi](https://wordpress.org/support/users/esmi/)
 * (@esmi)
 * [12 years ago](https://wordpress.org/support/topic/theme-keeps-getting-hacked/#post-4862329)
 * You need to start working your way through these resources:
    [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked)
   [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779)
   [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/)
   [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/)
 * Anything less will probably result in the hacker walking straight back into your
   site again.
 * Additional Resources:
    [Hardening WordPress](http://codex.wordpress.org/Hardening_WordPress)
   [http://sitecheck.sucuri.net/scanner/](http://sitecheck.sucuri.net/scanner/) 
   [http://www.unmaskparasites.com/](http://www.unmaskparasites.com/) [http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html](http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html)
 *  [Brad](https://wordpress.org/support/users/wpblazecom/)
 * (@wpblazecom)
 * [12 years ago](https://wordpress.org/support/topic/theme-keeps-getting-hacked/#post-4862426)
 * Check the plugins you are using, deactivate all the non critical ones, update
   all others.
 * Ask your host to run a malware scan on your account. If you run a VPS/Dedicated
   server use Linux Malware Detect to scan your /home directory.
 * Run a local malware scan on your PC with MalwareBytes Free, remove anything that
   was found. It’s possible you may have a local password keylogger trojan installed
   on your webmaster PC.
 * Use htaccess rules to help protect your WordPress blog.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Theme Keeps Getting Hacked’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 2 replies
 * 3 participants
 * Last reply from: [Brad](https://wordpress.org/support/users/wpblazecom/)
 * Last activity: [12 years ago](https://wordpress.org/support/topic/theme-keeps-getting-hacked/#post-4862426)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics