tthorpbrownedu

it seems to be a problem with naming the name field “name” instead of “your-name”. see https://www.ads-software.com/support/topic/213097 for similar posts and solutions.

the iframe hack that I encountered is similar to those hacks posted here, but I have a few more details that I would like to share. The attack scanned all files in the web server (many of which were outside of wordpress and included php sites and also static html sites). The attacking script added an iframe to any files which had index, homepage or default in the filename, so in wordpress, it injected the iframe into index.php, wp-admin/index-extra.php, wp-admin/index.php, wp-content/index.php, the index file for each theme and also in wp-includes/default-filters.php.
I’m not a web security expert, but I did notice that the modified sites were affected in alphabetical order, so I think the script was working through my ftp account. For this reason, I updated my password and switched my ftp service to only work over sftp, which encrypts my password.

look in your theme’s css for something like img{max-width:98%;} I took that out and the problem went away. Solution posted in the other referenced forum as well.

look in your theme’s css for something like img{max-width:98%;} I took that out and the problem went away.