Fli
04-12-2014, 08:23 AM
Last year i did not updated my wordpress installations and as a result im seeing malicious scripts are being injected into my Wordrpress directory sctructure. If im not using Namecheap hosting i may not know about it at all and i would have various ddos and spam scripts on my hosting i guess.
Example detection:
'[PHP Exploit [P0233]]': /home/*/public_html/*.info/wp-content/themes/twentyten/sidebar-footer.php
I think thanks to vulnerability in Wordpress or in its theme someone was able to upload malicious script sidebar-footer.php ...
But i got above notifficaton from Namecheap, i think they using ConfigServerExploit scanner (http://internetlifeforum.com/reseller-hosting/1750-configserver-exploit-scanner-cxs-experience/).
What is the best way to prevent these injections?
Example detection:
'[PHP Exploit [P0233]]': /home/*/public_html/*.info/wp-content/themes/twentyten/sidebar-footer.php
I think thanks to vulnerability in Wordpress or in its theme someone was able to upload malicious script sidebar-footer.php ...
But i got above notifficaton from Namecheap, i think they using ConfigServerExploit scanner (http://internetlifeforum.com/reseller-hosting/1750-configserver-exploit-scanner-cxs-experience/).
What is the best way to prevent these injections?