Malicious Akismet code in header

  • Guido

    (@guido07111975)


    8 years, 11 months ago

    Hi folks,

    Every few months I notice websites containing malicious Akismet code in file header.php. For an example of this code check this post.

    Very frustrating because I do not notice it before Google or hostingprovider blocks the site.

    The common factor of all websites is they have one of my themes and one of my plugins installed. And a fallback theme such as Twenty Sixteen. The code is injected in header.php of all installed themes.

    So I suspect a theme or plugin is causing this.
    Unfortunately file-permissions can cause a leak as well (wp-content has often 755 or even 777).

    How can I prevent this?

    I’m also looking for someone who can take a look at one of my themes and plugin. As far as I know they are completely save, but you never know. Maybe I overlooked something.

    Guido

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Malicious Akismet code in header’ is closed to new replies.