Checking for hacked files in Wordpress Site
|
05-02-2014, 03:04 PM
Post: #1
|
|||
|
|||
Checking for hacked files in Wordpress Site
Wordpress hackers typically upload scripts that execute 'eval'
in the public_html or docroot directory for the website you can use find . -type f | xargs grep eval note that you should carefully scan the output as there are many files in wordpress that use eval, including plugins, however this should help narrow down the results You can also consider adding the "wordfence" plugin into Wordpress There is a new setting: Improvement: Added "high sensitivity" scanning which catches evals with other bad functions but may give false positives. Not enabled by default. Consider switching this on also |
|||
« Next Oldest | Next Newest »
|
Messages In This Thread |
Checking for hacked files in Wordpress Site - knifebunny - 05-02-2014 03:04 PM
|
User(s) browsing this thread: 1 Guest(s)