Title: wp-manager.php?
Last modified: August 19, 2016

---

# wp-manager.php?

 *  [kqf3143](https://wordpress.org/support/users/kqf3143/)
 * (@kqf3143)
 * [17 years, 3 months ago](https://wordpress.org/support/topic/wp-managerphp/)
 * I’m looking for information about a file that I’ve just found in my /wp-content
   directory named wp-manager.php. I’ve got an inquiry in with my hosting provider,
   trying to find out if this is an artifact of their one-click install process,
   but I’m finding nothing out about this online.
 * I’m asking because this morning I discovered that both my theme’s header.php 
   and WP’s index.php had been hacked to include long bits of base64 code that were
   generating oodles of spam links. And the mod date on wp-manager.php is more recent
   than any changes I’ve made to the site, and much more recent than the last one-
   click upgrade I did.
 * Any info you’ve got would be appreciated… –KF

Viewing 8 replies - 1 through 8 (of 8 total)

 *  Thread Starter [kqf3143](https://wordpress.org/support/users/kqf3143/)
 * (@kqf3143)
 * [17 years, 3 months ago](https://wordpress.org/support/topic/wp-managerphp/#post-984296)
 * According to my hosting provider, this file is not an artifact of the one-click
   install. It’s some kind of file manager, but I can’t tell what it does, or where
   it came from. And given that my site had recently been hacked, I’m wondering 
   if this is a malicious bit of code someone managed to write to my server. I’ve
   deleted it, re-installed WP, cleaned up all my theme files, and changed my passwords,
   but I’m still curious whether anyone knows anything about this…
 *  [moltz](https://wordpress.org/support/users/moltz/)
 * (@moltz)
 * [17 years, 2 months ago](https://wordpress.org/support/topic/wp-managerphp/#post-984532)
 * Same thing with me. Hacked site and I found that file and deleted it with no 
   deleterious effects.
 *  [moltz](https://wordpress.org/support/users/moltz/)
 * (@moltz)
 * [17 years, 2 months ago](https://wordpress.org/support/topic/wp-managerphp/#post-984541)
 * This file, of course, keeps coming back along with the associated spam code in
   the header file of the template, even though I’ve changed the FTP password. It
   always comes back after spam comments so – and I know nothing of these things–
   I wonder if it’s being injected through the commenting system.
 *  [moltz](https://wordpress.org/support/users/moltz/)
 * (@moltz)
 * [17 years, 2 months ago](https://wordpress.org/support/topic/wp-managerphp/#post-984542)
 * This file, of course, keeps coming back along with the associated spam code in
   the header file of the template, even though I’ve changed the FTP password. It
   always comes back after spam comments so – and I know nothing of these things–
   I wonder if it’s being injected through the commenting system.
 *  [john-vs](https://wordpress.org/support/users/john-vs/)
 * (@john-vs)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/wp-managerphp/#post-984598)
 * Did anyone ever figure out how to clean this mess up? I’ve got the same thing.
   There’s a file called wp-manager.php. It was placed in the contents directory.
   From what I can tell it was a fairly advanced hacking tool designed to go through
   your entire site and identify index files etc. There was also a javascript cache
   file and another file. I deleted all of these and still I have a cache subdirectory
   which keeps filling with spam and spam appears on a hidden layer on all my posts
   and pages. The problem went away briefly when I updated to 2.8 but now is back
   same as ever.
 * Google has threatened to delist me. What can I do?
 *  [sleepw](https://wordpress.org/support/users/sleepw/)
 * (@sleepw)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/wp-managerphp/#post-984599)
 * found this..hth
    [http://boxofjack.com/articles/2009/02/09/spam-links-injected-into-wordpress-27/](http://boxofjack.com/articles/2009/02/09/spam-links-injected-into-wordpress-27/)
 *  [john-vs](https://wordpress.org/support/users/john-vs/)
 * (@john-vs)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/wp-managerphp/#post-984600)
 * Related: [My Blog Hacked](http://smackdown.blogsblogsblogs.com/2009/01/16/my-blog-hacked-yet-again-wordpress-265-vulnerability-exploit/)
 *  [sleepw](https://wordpress.org/support/users/sleepw/)
 * (@sleepw)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/wp-managerphp/#post-984601)
 * if you want to read a personal horror story:
    [http://wordpress.org/support/topic/211183?replies=15](http://wordpress.org/support/topic/211183?replies=15)

Viewing 8 replies - 1 through 8 (of 8 total)

The topic ‘wp-manager.php?’ is closed to new replies.

## Tags

 * [hacked](https://wordpress.org/support/topic-tag/hacked/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 8 replies
 * 4 participants
 * Last reply from: [sleepw](https://wordpress.org/support/users/sleepw/)
 * Last activity: [16 years, 11 months ago](https://wordpress.org/support/topic/wp-managerphp/#post-984601)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics