Title: Firewall plugin found malware in search function
Last modified: August 20, 2016

---

# Firewall plugin found malware in search function

 *  [Drawer](https://wordpress.org/support/users/drawer/)
 * (@drawer)
 * [15 years ago](https://wordpress.org/support/topic/firewall-plugin-found-malware-in-search-function/)
 * I have Ipower host, which is suspect by many WP owners now, but I don’t know 
   if this is a security breach with them.
 * Added Plugin Firewall WordPress 2 2 weeks ago. I got notified yesterday that 
   someone inserted code in my search function, like this:
    ‘s = Search this site…/
   trackback’. I assume anyone using the search function would get redirected. This
   is only in one of my 4 blogs.
 * Has anyone ever seen spam be able to get in the search function before?
 * Also, I would like to tighten up my permissions, but 644 doesn’t work for my 
   ftp nor my host. I finally had to settle for 754. Not much different from 755,
   but not sure what else I can do. Suggestions?

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [Jonas Grumby](https://wordpress.org/support/users/ss_minnow/)
 * (@ss_minnow)
 * [15 years ago](https://wordpress.org/support/topic/firewall-plugin-found-malware-in-search-function/#post-2110894)
 * The fact that you got an email means that the attack was blocked.
 * Your whole site should be 755 except .htaccess and wp-admin/index.php which should
   be 644.
 *  Thread Starter [Drawer](https://wordpress.org/support/users/drawer/)
 * (@drawer)
 * [15 years ago](https://wordpress.org/support/topic/firewall-plugin-found-malware-in-search-function/#post-2110954)
 * Thanks, Jonas, for the confirmation on permission. I do have that, just wanted
   to make sure that wasn’t my fault.
 * And you’re right, Firewall did stop it. But I’m concerned that somehow the hacker
   got inside my WordPress! How?!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Firewall plugin found malware in search function’ is closed to new replies.

## Tags

 * [permissions](https://wordpress.org/support/topic-tag/permissions/)
 * [search function](https://wordpress.org/support/topic-tag/search-function/)
 * [trackback](https://wordpress.org/support/topic-tag/trackback/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 2 replies
 * 2 participants
 * Last reply from: [Drawer](https://wordpress.org/support/users/drawer/)
 * Last activity: [15 years ago](https://wordpress.org/support/topic/firewall-plugin-found-malware-in-search-function/#post-2110954)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics