Last year i did not updated my wordpress installations and as a result im seeing malicious scripts are being injected into my Wordrpress directory sctructure. If im not using Namecheap hosting i may not know about it at all and i would have various ddos and spam scripts on my hosting i guess.
Example detection:
Code:
'[PHP Exploit [P0233]]': /home/*/public_html/*.info/wp-content/themes/twentyten/sidebar-footer.php
I think thanks to vulnerability in Wordpress or in its theme someone was able to upload malicious script sidebar-footer.php ...
But i got above notifficaton from Namecheap, i think they using ConfigServerExploit scanner.
What is the best way to prevent these injections?
Bookmarks