Header.php hacked. Need advice, have tried (seemingly) everything

  • For months now, I’ve had header.php repeatedly hacked with a spam injection. (Check out the source at my site, fungibleconvictions.com.

    I need some unconventional thinking from the WP community on this, because I’ve tried everything currently suggested in the forums.

    • I’ve upgraded and reinstalled WordPress
    • I’ve uninstalled plugins
    • I’ve changed WP and hosting passwords, deleted all users, and created a single (new) admin account
    • I’ve moved my WP install to a new, fresh database

    I’m pretty sure there are other measures I’ve taken that I’m forgetting, but nothing so far has done the trick.

    Can anyone suggest more steps for me to try?

Viewing 2 replies - 16 through 17 (of 17 total)
  • beyoyo2

    (@beyoyo2)

    Thanks squaredesign!
    Sure enough, I found 2 files in my uploads folder that were causing major problems.
    Should that directory be set to 755?
    BlueHost is my host for this site.

    Samuel B

    (@samboll)

    Should that directory be set to 755?

    definitely

Viewing 2 replies - 16 through 17 (of 17 total)
  • The topic ‘Header.php hacked. Need advice, have tried (seemingly) everything’ is closed to new replies.