Title: header folder exposed Last modified: August 20, 2016 --- # header folder exposed * [wahgra786](https://wordpress.org/support/users/wahgra786/) * (@wahgra786) * [13 years, 3 months ago](https://wordpress.org/support/topic/header-folder-exposed/) * “javascript” some spam code I occasionally find in my this site.No one else have access to my site.I contacted a developer and he said my site is hacked. I am using Godaddy as host.This is my Site. [http://muslim-academy.com/](http://muslim-academy.com/) * I remove this from header area but it keeps on coming back and back.Some time with out link but some time with link.”PAY DAY LOANS” like spam. * Can you guys guide me how can I get rid of this or how can I make my header area protected from future attacks? Viewing 4 replies - 1 through 4 (of 4 total) * Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/) * (@bcworkz) * [13 years, 3 months ago](https://wordpress.org/support/topic/header-folder-exposed/#post-3430878) * I regret to tell you that you are indeed hacked. One or more “back doors” have been planted. The hacker will keep returning until the back doors are removed. These can be very difficult to find. * Start with the recommendations on [FAQ My site was hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked). * Thread Starter [wahgra786](https://wordpress.org/support/users/wahgra786/) * (@wahgra786) * [13 years, 3 months ago](https://wordpress.org/support/topic/header-folder-exposed/#post-3430998) * What IF I change the Files permissions in host?IS it going to bring some effect or is there any way I can lock this specific folder for saving myself from future hacks. Back doors are really tough for a beginner guy like me to find but with you experience guys here I shall surely find out some other solution coming soon. * Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/) * (@bcworkz) * [13 years, 3 months ago](https://wordpress.org/support/topic/header-folder-exposed/#post-3431034) * Permissions won’t help, the hacker is probably running as the wordpress user, so blocking the hacker will block wordpress. * It is true someone experienced in forensic coding may be able to find all malicious code and successfully remove it. Even then, there is still a possibility of missing something, in addition to the process being very time consuming. It is actually faster, easier, and completely reliable to do a complete wipe and restore from clean backup. * Thread Starter [wahgra786](https://wordpress.org/support/users/wahgra786/) * (@wahgra786) * [13 years, 3 months ago](https://wordpress.org/support/topic/header-folder-exposed/#post-3431035) * Ok let say I take the whole backup.Is there any way I can take a back up and make it clean and then bring it back via restore as good as safe? Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘header folder exposed’ is closed to new replies. ## Tags * [wordpress header](https://wordpress.org/support/topic-tag/wordpress-header/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 4 replies * 2 participants * Last reply from: [wahgra786](https://wordpress.org/support/users/wahgra786/) * Last activity: [13 years, 3 months ago](https://wordpress.org/support/topic/header-folder-exposed/#post-3431035) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics