davev

Update: It appears that its not someone targetting my sites at all. There appear to be 000,000s ??of cases of it.

Its not worpress specific though.

Ok, that appears to have worked. Thanks everyone for your contributions!

http://ukwebsolutionsdirect.co.uk/

It was working ok, before I changed the permissions (there were all different permissions set across the different files/ folders).

1. wordpress version would help

Ah, both are 1.5.2

2. you used “sites”.. is wp running all all the sites, or some, all the same versions, or not.

The 2 that I have noticed so far are 1.52

3. what else is being used on the sites(s)
No other cms or anything much.

—

if you are using the reccommended method of having theme files world-writable, youre inviting disaster. Thats very very insecure, regardless of what the answers to the above questions happen to be.

think about it : world-writable. it means exactly what it says. Ive gone on and on about this, “no-one” cares.

This could be the whole problem, I assumed that it wouldnt make a difference leaving them 666 or similar – most people I spoke to said the same thing. Though I never understood why it could be ok – the file is writable (but not being a tech doesnt help really)

I am locking it all down 🙂

Thanks for the quick, useful tips & quality responses. I honestly didnt even think anyone would bother answering.

I dont know what phpgedview is but if the other solutions dont solve the problem then Ill look into that.

Thanks again & Ill come back with an update.. any idea how I find the culprits now ?