Security Question – Folder 755

This topic contains 1 reply, has 2 voices. Last updated by Eduan 3 years, 11 months ago.

Topic Author	Topic
Posted: Thursday Jan 31st, 2013 at 9:35 am #40133
Tim S Username: zoomlanski
It may be me, but it may not. I have been getting backdoor hacks into /wp-content/plugins/s2member-files — with a folder directory permissions of 705 (using GoDaddy). I have updated it to 755 – but the hacker was inserting a .htaccess file – and there was no index.php file in the folder. I’m not sure what the folder is for but the site still works despite my locking down the folder with htacess and it has stopped the injections. These were fresh installs with new DB passwords and new login passwords/accounts. I narrowed it down by last folder/file access and by using BPS Security and WSD Security. Like I said, the hole appeared to be in S2 from what I can determine. Thanks Tim

Viewing 1 replies (of 1 total)

Author	Replies
Author	Replies
Posted: Saturday Feb 2nd, 2013 at 11:55 am #40453
Eduan Username: Eduan
Hello Tim, So if I understood correctly, you’re saying that it’s possible a hacker was able to access your website through s2Member? And the hacker keeps changing the permissions of your folders? – Eduan

Viewing 1 replies (of 1 total)

This topic is closed to new replies. Topics with no replies for 2 weeks are closed automatically.

Old Forums (READ-ONLY): The community now lives at WP Sharks™. If you have an s2Member® Pro question, please use our new Support System.