Results 1 to 3 of 3
  1. #1

    How to inject to PHP file

    My wordpress index.php has just been compromised. There was this iframe code. Can someone show me how this could happen? How do people do Cross-site scripting (XSS)? If I know how the attacker do, I should be able to prevent it, right?

  2. #2
    Join Date
    Oct 2008
    Chicago, IL
    Your best bet is to monitor your access logs. You'll see the requests being sent to your site. Has your WordPress been kept up to date? If not, that might be how your site was hacked.

    Also, be certain that all of your plugins, etc. are kept up to date as well.

    Are you using phpmyadmin? You guessed it! Update that too.

  3. #3
    Join Date
    Apr 2009
    Additionally, check your ftp-logs because it is possible that your FTP account might have been compromised and was able to upload the malware/trojan content in the web space.
    Modify your FTP Passwords.
    Check your desktop computer with some antivirus software for malware/trojan's
    Update your desktop OS and browser if needed.
    █▌KVM-based SSD VPS
    ▌Unmetered Dedicated Servers
    ▌Colocation at 100 Delawanna Ave, Clifton, NJ

Similar Threads

  1. Anybody know how to block this specific PHP Inject attack using Mod_Security ?
    By smksa in forum Hosting Security and Technology
    Replies: 1
    Last Post: 06-18-2008, 08:17 AM
  2., where file.php is hosted on
    By zymic in forum Hosting Security and Technology
    Replies: 2
    Last Post: 05-26-2008, 11:41 AM
  3. PHP Inject? Help!
    By CleberDantas in forum Hosting Security and Technology
    Replies: 8
    Last Post: 02-02-2008, 10:29 PM
  4. Prevent SQL Inject
    By latheesan in forum Programming Discussion
    Replies: 4
    Last Post: 02-13-2006, 04:16 PM
  5. qmail-inject with exim
    By residenta in forum Hosting Security and Technology
    Replies: 3
    Last Post: 08-07-2004, 10:24 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts