Ok, I found a suspicious file on another website and it’s a shell backdoor. /wp-content/backup-2365b/.title14.php /wp-content/uploads/wysija/themes/rss.lib.php /wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_gallery_display/static/fontawesome/admin38.php this is original content: and And this is the unencrypted content: $auth_pass = “f4eeb83f67a86ea7baaaac13bebe6417”; $color = “#df5”; $default_action = ‘FilesMan’; $default_use_ajax = true; … Continua a leggere →

Thanks to MailPoet and Revolution Slider my websites run over multiple attaks. I noticed problems mainly because, when I enter in the plugins’ list, a lot of errors like “Plugin ABC deactivated..” come out. This because the plugin main file … Continua a leggere →