One of my site got attact. It put iframe code in almost every php file. Even though I use latest Wordpress, change FTP, and WP password it still can attact and put the iframe again. So I think it has plant a backdoor. Can the backdoor traced from Access Log, to see which file the attacker use to attact? Is there a way the attacker execute the file but not traced in Access Log, since I didn't find anything suspicious in Access Log.