Title: Malicious scripts identified with this plugin??
Last modified: May 8, 2017

---

# Malicious scripts identified with this plugin??

 *  [judahraine](https://wordpress.org/support/users/judahraine/)
 * (@judahraine)
 * [9 years ago](https://wordpress.org/support/topic/malicious-scripts-identified-with-this-plugin/)
 * My website has been taken offline as my host advises me that malicious scripts
   were injected when I installed this plugin. I removed it, immediately after as
   it did not meet my needs, but this is now a major issue. They will not reinstate
   it unless I can provide assurance that the malicious scripts have been completely
   removed.
 * I am not a developer so have no idea what to do Please advise as a matter of 
   extreme urgency. I’ve been up from 3am every morning for two weeks bringing this
   to a new level, only to have this happen. It’s critical that I resolve this urgently.
 * As I am now on the road for a business trip, please email [judithraineforsyth@gmail.com](https://wordpress.org/support/topic/malicious-scripts-identified-with-this-plugin/judithraineforsyth@gmail.com?output_format=md)
 * Thank you.

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Plugin Author [peter achutha](https://wordpress.org/support/users/peter-achutha/)
 * (@peter-achutha)
 * [9 years ago](https://wordpress.org/support/topic/malicious-scripts-identified-with-this-plugin/#post-9110855)
 * Hi Judahraine,
 * Are you using the dpaBottomofPostPage plugin. There is no malicious script in
   this plugin. It must be related to something else. You can check the code yourself
   or if you do not know PHP let someone who knows PHP check the code.
 * Check your server if you have ModSecurity installed. Can your host show you the
   malicious script that was injected?
 * I have been using this plugin at [http://bachutha.com](http://bachutha.com) and
   even though many hackers from Russia, China, Moldova, Germany, France, Turkey,
   USA, Canada, … are continuously trying to hack my site, my host have not complained
   about malicious scripts.
 * Also protect your …/wp-content/uploads/… directory with the following code in
   the .htaccess file :-
 *     ```
       Options -Indexes
       DirectoryIndex index.php index.html
   
       #block hackers from these type of files #
       # multiple file types
       <FilesMatch ".(htaccess|php)$">
        Order Allow,Deny
        Deny from all
       </FilesMatch>
       ```
   
 * This will block hackers inserting and executing PHP code through the /uploads/
   subdirectory.
 * Please let me know how it responds.
 * Best regards,
    Peter
    -  This reply was modified 9 years ago by [peter achutha](https://wordpress.org/support/users/peter-achutha/).
    -  This reply was modified 9 years ago by [peter achutha](https://wordpress.org/support/users/peter-achutha/).
 *  Plugin Author [peter achutha](https://wordpress.org/support/users/peter-achutha/)
 * (@peter-achutha)
 * [9 years ago](https://wordpress.org/support/topic/malicious-scripts-identified-with-this-plugin/#post-9110878)
 * Hi Judahraine,
 * Can you show (copy & paste) what ModSecurity log shows when this occured?
 * Best regards,
    Peter
 *  Thread Starter [judahraine](https://wordpress.org/support/users/judahraine/)
 * (@judahraine)
 * [9 years ago](https://wordpress.org/support/topic/malicious-scripts-identified-with-this-plugin/#post-9162628)
 * Hi Peter,
 * Thank you so very much for all your assistance – all above and beyond as we’ve
   ascertained that this plugin was in no way responsible for the problem. The issue
   occurred as the result of an ftp intrusion and everything has since been resolved.
 * I must add that I’m impressed and was greatly encouraged by the amazing support
   and encouragement, even after it became apparent that your plugin was not involved.
   Hats off to you. That kind of customer service is really hard to find and it 
   definitely helped to point me in the right direction on more than one occasion–
   something you certainly did not have to do.
 * Regards
    Judith

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Malicious scripts identified with this plugin??’ is closed to new replies.

 * ![](https://ps.w.org/dpabottomofpostpage/assets/icon-128x128.png?rev=988824)
 * [dpaBottomofPostPage](https://wordpress.org/plugins/dpabottomofpostpage/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/dpabottomofpostpage/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/dpabottomofpostpage/)
 * [Active Topics](https://wordpress.org/support/plugin/dpabottomofpostpage/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/dpabottomofpostpage/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/dpabottomofpostpage/reviews/)

 * 3 replies
 * 2 participants
 * Last reply from: [judahraine](https://wordpress.org/support/users/judahraine/)
 * Last activity: [9 years ago](https://wordpress.org/support/topic/malicious-scripts-identified-with-this-plugin/#post-9162628)
 * Status: not resolved