I have a WP install, and every few weeks some hackers keep adding some bunk script to the bottom of certain files, making the WP site not function. I've changed the user/pass to WP and this obviously isn't wo开发者_如何学JAVArking. I'm thinking since they are effecting files that are not visible via the WP login files (which are just theme files) then does this mean they are getting access to the FTP and making their hacks there? If they are getting into FTP then why wouldn't they just remove all docs?
Any insight would be greatly appreciate it. While I appreciate the billable hours to find/remove this code every few days the client isn't as excited about it as I am.
then does this mean they are getting access to the FTP and making their hacks there?
Likely yes. There are a lot of automated hacks of sites to include scripts/iframes pointing at security hole exploits.
These exploits typically install a fake-antivirus program and other trojans, including, often, FTP password stealers. These compromised FTP accounts are then used to infect other sites in the same way.
So, you need to ensure any and every machine that is used to access the FTP site is totally clean. Don't trust one single anti-virus to say you're clean, because today's anti-virus is utterly useless at catching the wide range of trojans out there today.
Especially don't trust an antivirus that claims to have ‘cleaned’ an infection, because it is very likely it hasn't cleaned everything. If you find a trojan or have at some point recently had an AV find a trojan (that isn't a false positive, another huge problem of today's hopeless anti-virus software), it's time to reinstall the OS because that's the only way to be sure.
Then change the passwords again, worry about all the other passwords of yours it might have stolen, and finally migrate to SFTP for uploading your files. FTP is an insecure ancient relic that nobody should still be using for admin in this century.
(Another possibility would be that the host itself was hacked, if you're sharing a server. Check other sites on the same machine that aren't accessible through your FTP account and see if they're affected the same.)
If they are getting into FTP then why wouldn't they just remove all docs?
Where would be the profit in that?
The vast majority of exploits out there today are from criminal businessmen after users' cash, not hacker kids doing it for fun.
You can try installing...
"Akismet" Plug-in
WP-SpamFree
I am using 3 plugins together:
- Akismet
- Spam Free Wordpress
- WP-SpamFree
I think you may try install even more and see if it help solving the problem.
Update to latest version.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论