Title: HackScript in W3TC plugin Last modified: August 31, 2016 --- # HackScript in W3TC plugin * [WPUser](https://wordpress.org/support/users/user325/) * (@user325) * [10 years, 2 months ago](https://wordpress.org/support/topic/hackscript-in-w3tc-plugin/) * > php.h.HackScript-15 | /public_html/wordpress/wp-content/plugins/w3-total-cache/ > lib/Nusoap/nusoap.php * What is it? * or 000webhost just crazy? * [https://wordpress.org/plugins/w3-total-cache/](https://wordpress.org/plugins/w3-total-cache/) Viewing 9 replies - 1 through 9 (of 9 total) * [FixMyWP](https://wordpress.org/support/users/fixmywp/) * (@fixmywp) * [10 years, 2 months ago](https://wordpress.org/support/topic/hackscript-in-w3tc-plugin/#post-7162329) * Looks like your site has been hacked and one of the plugins that were compromised was W3TC. It doesnt mean that W3TC has the reason your site was hacked though. * Either way you must clean your website. * Thread Starter [WPUser](https://wordpress.org/support/users/user325/) * (@user325) * [10 years, 2 months ago](https://wordpress.org/support/topic/hackscript-in-w3tc-plugin/#post-7162331) * haha, no. my site is ok same problem on [http://www.000webhost.com/forum/customer-assistance/38223-status-suspended.html](http://www.000webhost.com/forum/customer-assistance/38223-status-suspended.html) * [FixMyWP](https://wordpress.org/support/users/fixmywp/) * (@fixmywp) * [10 years, 2 months ago](https://wordpress.org/support/topic/hackscript-in-w3tc-plugin/#post-7162332) * Well it’s either a false positive from the hosting side or the site is hacked ad a whole. * Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * (@jdembowski) * Forum Moderator and Brute Squad * [10 years, 2 months ago](https://wordpress.org/support/topic/hackscript-in-w3tc-plugin/#post-7162333) * > haha, no. my site is ok * No, it’s not OK. Your _(free and totally unsupported which is why no one should ever use that company ever)_ host was compromised. The attacker placed that hack into that directory, it did not come from this plugin. * You need to delouse your site if you want to use it. This link can help you start that process. * [https://codex.wordpress.org/FAQ_My_site_was_hacked](https://codex.wordpress.org/FAQ_My_site_was_hacked) * Thread Starter [WPUser](https://wordpress.org/support/users/user325/) * (@user325) * [10 years, 2 months ago](https://wordpress.org/support/topic/hackscript-in-w3tc-plugin/#post-7162334) * it’s w3tc file, you can download and find it yourself [https://downloads.wordpress.org/plugin/w3-total-cache.0.9.4.1.zip](https://downloads.wordpress.org/plugin/w3-total-cache.0.9.4.1.zip)( w3-total-cache.0.9.4.1.zip\w3-total-cache\lib\Nusoap\nusoap.php) * what is nusoap? – [https://sourceforge.net/projects/nusoap/](https://sourceforge.net/projects/nusoap/) * i just think 000webhost is buggy * Thread Starter [WPUser](https://wordpress.org/support/users/user325/) * (@user325) * [10 years, 2 months ago](https://wordpress.org/support/topic/hackscript-in-w3tc-plugin/#post-7162335) * and yeah… i didn’t mention in my first post that 000webhost removed my site, so there was nothing to clean anyway xD * Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * (@jdembowski) * Forum Moderator and Brute Squad * [10 years, 2 months ago](https://wordpress.org/support/topic/hackscript-in-w3tc-plugin/#post-7162336) * Yes. This file. * [https://plugins.trac.wordpress.org/browser/w3-total-cache/trunk/lib/Nusoap/nusoap.php](https://plugins.trac.wordpress.org/browser/w3-total-cache/trunk/lib/Nusoap/nusoap.php) * Either it’s a false positive (as indicated above) or your copy of that file was hacked. * if it’s a false positive then your host needs to fix it. If you are hacked then you need to delouse your site, * Thread Starter [WPUser](https://wordpress.org/support/users/user325/) * (@user325) * [10 years, 2 months ago](https://wordpress.org/support/topic/hackscript-in-w3tc-plugin/#post-7162337) * someday i’ll try to upload nusoap.php from w3tc plugin (just one file) on new account of 000webhost and see what will happen * [FixMyWP](https://wordpress.org/support/users/fixmywp/) * (@fixmywp) * [10 years, 2 months ago](https://wordpress.org/support/topic/hackscript-in-w3tc-plugin/#post-7162338) * [@wpuser](https://wordpress.org/support/users/wpuser/), either way its a bad practise to use free hosting providers such as 000webhost. This is a -wannabee- hacker playground. Viewing 9 replies - 1 through 9 (of 9 total) The topic ‘HackScript in W3TC plugin’ is closed to new replies. * ![](https://ps.w.org/w3-total-cache/assets/icon-256x256.png?rev=1041806) * [W3 Total Cache](https://wordpress.org/plugins/w3-total-cache/) * [Frequently Asked Questions](https://wordpress.org/plugins/w3-total-cache/#faq) * [Support Threads](https://wordpress.org/support/plugin/w3-total-cache/) * [Active Topics](https://wordpress.org/support/plugin/w3-total-cache/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/w3-total-cache/unresolved/) * [Reviews](https://wordpress.org/support/plugin/w3-total-cache/reviews/) * 9 replies * 3 participants * Last reply from: [FixMyWP](https://wordpress.org/support/users/fixmywp/) * Last activity: [10 years, 2 months ago](https://wordpress.org/support/topic/hackscript-in-w3tc-plugin/#post-7162338) * Status: not resolved