WordPress doesn’t have a temp folder, so you’ll need to ask your hosts about this.
Thanks for the response. The temp folder is used by WordPress and it is essential for the image uploading of WordPress to work. Is there another way to get images to upload that does not use this temp folder?
You could have a look at http://ww.wp.xz.cn/extend/plugins/add-from-server/
But if your tmp folder has been compromised, then you need to find out how.
@ dreadcarno
Is the tmp folder in question located in your WordPress install? Like in wp-content? Or are you talking about your actually server’s tmp folder?
@MicheyRoush
Probably the server’s tmp folder, the fold in question is required for the image uploads to work.
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
The tmp folder used for image uploads on my site has been hacked/used to upload malicious scripts.
Sorry, just as a level set: what’s the path on your server’s file system for the tmp folder you mention? If you mean /tmp then, no WordPress doesn’t use it. PHP may, but a stock WordPress installation doesn’t.
It does use wp-content/ a lot. Are you talking about a folder there?
Either way ask up host for assistance. They may be able to sort this out for you.
Thanks for all the replies!
It turns out upon investigation with my host (godaddy) that one of my many wordpress sites which was used for dev. work was hacked via the famous timthumb.php. This was not immediately obvious because the site that was hacked was not in current use, and the theme in question (Nova, of Elegant Themes) was not active. The hackers left some traces in at root level in x.txt. Apparently, having called a so far unknown script and the wp-mail.php…
Any ideas how to make sure my database is clean?
