backdoor script

  • Resolved verityr

    (@verityr)


    7 years, 8 months ago

    For months now, someone has been uploading a backdoor script named “temp1-1.php” to my core files. I have 3 different security plugins running, including yours, and none of them have alerted me that this script is being uploaded; it’s my host that has been alerting me if I don’t catch it first. At least your plugin allows me to delete the script effortlessly. When I went to delete the script this morning, I noticed that in the Audit Logs I noticed an orange dot on the line with the time and User authentication succeeded, and my I.P. address. I was asleep during that time. Your plugin caught something fishy going on, but how? And with my I.P. address? What did your plugin suspect that it should show the orange warning dot next to it? I’ve been trying to stop this person from doing this for months, but to no avail.

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘backdoor script’ is closed to new replies.