Title: wordpress security issues
Last modified: August 20, 2016

---

# wordpress security issues

 *  [zarkas](https://wordpress.org/support/users/zarkas/)
 * (@zarkas)
 * [13 years, 6 months ago](https://wordpress.org/support/topic/wordpress-security-issues-1/)
 * Almost all my blogs have been infeced with “malware” lately. seems to be 2 different
   types.
 * 1. strange random filenames such as fw432desde.php appears in my root directory,
   my wordpress index.php file and theme files get affected with either some eval
   code, or links are inserted in hidden positions.
 * 2. additional text and links are added to the bottom of some of my posts.
 * Anyone got some more information about these two types of malware? and could 
   someone recommend good plugin to help prevent these things, I have better wp 
   security installed but that doesn’t seem to do the job.

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [Rev. Voodoo](https://wordpress.org/support/users/rvoodoo/)
 * (@rvoodoo)
 * [13 years, 6 months ago](https://wordpress.org/support/topic/wordpress-security-issues-1/#post-3197427)
 * WordPress itself has no known security vulnerabilities at this time. Hackers 
   can get in by weak passwords, infected computers, bad plugins or themes, improper
   server configurations, etc. Many ways.
 * You need to start going through these resources:
 * [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked)
   
   [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779)
   [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/)
   [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/)
 * Additional Resources:
    [http://sitecheck.sucuri.net/scanner/](http://sitecheck.sucuri.net/scanner/)
   [http://www.unmaskparasites.com/](http://www.unmaskparasites.com/) [http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html](http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html)
   [http://codex.wordpress.org/Hardening_WordPress](http://codex.wordpress.org/Hardening_WordPress)
 * Which can shed some light on what happened, and how to fix and harden WordPress.
   Plugins don’t usually ‘stop’ hackers – they just wind up telling you after somethign
   happened.
 * Plus, once you’ve been hacked, your entire hosting account is vulnerable, so 
   anything you have installed is probably hacked. And backdoor files get inserted–
   so hackers have access until you completely clean everything
 *  Thread Starter [zarkas](https://wordpress.org/support/users/zarkas/)
 * (@zarkas)
 * [13 years, 6 months ago](https://wordpress.org/support/topic/wordpress-security-issues-1/#post-3197435)
 * Thanks for the fast reply Rev Voodoo, i’ll take a look at those links

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘wordpress security issues’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 2 replies
 * 2 participants
 * Last reply from: [zarkas](https://wordpress.org/support/users/zarkas/)
 * Last activity: [13 years, 6 months ago](https://wordpress.org/support/topic/wordpress-security-issues-1/#post-3197435)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics