Theme Keeps Getting Hacked

  • I help admin a site running the latest WordPress. It uses the TwentyTen theme version 1.6, the latest. For the last six months every so often code is added to the theme files causing Chrome warnings as well as other problems. The site doesn’t allow for user registration nor login (beside admin).

    The first thing I did was lock the site down by changing the username and passwords of the database, the admin account and server (FTP) account. I added a final layer of security by adding a password to the wp-admin folder. Still, code gets added to the theme. At a loss for what else to do I completely wiped the install and did a fresh install with new username and password for everything. Still the code is added.

    I don’t know what else to do. Is there something I’m missing that is allowing this code to be added? Is there a way to track exactly when and how it’s being added and from what IP?

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Theme Keeps Getting Hacked’ is closed to new replies.