Title: iFrame Hack
Last modified: August 19, 2016

---

# iFrame Hack

 *  [joetaxpayer](https://wordpress.org/support/users/joetaxpayer/)
 * (@joetaxpayer)
 * [15 years, 2 months ago](https://wordpress.org/support/topic/iframe-hack-1/)
 * I’m sorry, I searched here and while there’s a list of threads, all appear closed
   on this issue.
    I am having the dreaded iFrame hack hit my sites. I know there
   are “lock down your WP site tutorials” but this has hit me in plain html static
   pages as well as a Wiki install and a site using PHP to simply create a web based
   file uploader, passworded.
 * My Host (1&1) says it’s all on me, the hack not occurring within the server but
   coming external.
 * Is there any thorough reference to this which will give a more comprehensive 
   answer?
    A number of domains I bought without developing yet now show “reported
   attack site.” How long will that take to clear up? I mean once code is cleaned
   up, is the site dead forever? Last – is there a third party type application 
   that will scan a list of sites and offer early warning? I have too many to scan
   every day, but few that are developed which I need to monitor. An app would help
   with the others.
 * For what it’s worth, I accessed my FTP with Fetch from a Mac. I changed the password
   to about 30 characters recently, but am now sifting site by site to clean up.
 * Last, I don’t know if the host is right, is it possible the hack is from within?
   They’ve not answered my 2 emails sent in last two weeks. Are there better hosts
   I should consider switching to?

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [esmi](https://wordpress.org/support/users/esmi/)
 * (@esmi)
 * [15 years, 2 months ago](https://wordpress.org/support/topic/iframe-hack-1/#post-1978486)
 * [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked)
   
   [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779)
   [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/)
 *  Thread Starter [joetaxpayer](https://wordpress.org/support/users/joetaxpayer/)
 * (@joetaxpayer)
 * [15 years, 2 months ago](https://wordpress.org/support/topic/iframe-hack-1/#post-1978544)
 * Thanks, I guess I’m missing one thing. Just trying to understand how it’s getting
   there. If someone has my credentials to get in to me server space (via FTP) they
   can do far more damage than just put in code like this. Is that how they get 
   in or is it an attack from the server itself?

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘iFrame Hack’ is closed to new replies.

## Tags

 * [iframe hack](https://wordpress.org/support/topic-tag/iframe-hack/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 2 replies
 * 2 participants
 * Last reply from: [joetaxpayer](https://wordpress.org/support/users/joetaxpayer/)
 * Last activity: [15 years, 2 months ago](https://wordpress.org/support/topic/iframe-hack-1/#post-1978544)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics