This topic contains 1 reply, has 2 voices. Last updated by Eduan 3 years, 11 months ago.
Topic Author | Topic |
---|---|
Posted: Thursday Jan 31st, 2013 at 9:35 am #40133 | |
It may be me, but it may not. I have been getting backdoor hacks into /wp-content/plugins/s2member-files — with a folder directory permissions of 705 (using GoDaddy). I have updated it to 755 – but the hacker was inserting a .htaccess file – and there was no index.php file in the folder. I’m not sure what the folder is for but the site still works despite my locking down the folder with htacess and it has stopped the injections. These were fresh installs with new DB passwords and new login passwords/accounts. I narrowed it down by last folder/file access and by using BPS Security and WSD Security. Like I said, the hole appeared to be in S2 from what I can determine. Thanks |