WordPress header.php hack

This topic is: not resolved

Tagged: 

This topic contains 0 replies, has 1 voice, and was last updated by  psasser 1 year, 10 months ago.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #4472

    psasser
    Participant

    Hello Hello,

    On my account at Rackspace I have like 25 wordpress sites. About once a week some sort of malware attacks my sites. The general procedure is that this malware modifies the header.php file of all those sites (inside the theme folder) to have some JavaScript in there. I can easily fix by reverting back but it keeps happening. I installed wordfence out there on all those sites and scan them regularly, but it keeps occurring. It is becoming a major time suck to fix it. The reason that it attacks the header.php file is it is just looking for the wp_head() function and then it just hooks into that

    I pretty much universally use the thematic theme, but I don’t think that think that this is a thematic issue because it also modifies the header.php file that’s out in the twentythirteen, twentyfourteen, and twentyfifteen themes that are out there.

    This is very similar to this forum post, but it was closed for replies.
    https://thematictheme.com/forums/topic/thematicheader-php-hacked-on-multiple-sites/

    Any thoughts about this or anyone having a similar issue. I thought I would check with the theme that I use most consistently to see if there are any vulnerabilities with the theme itself.

    Have a great day,
    patrick

Viewing 1 post (of 1 total)

The topic ‘WordPress header.php hack’ is closed to new replies.