iframe hack

I would check your WordPress files to make sure they are set to read-only. If the config.php file, for example, has write access, it would be possible for someone to append the iframe code to it.

If you use an FTP client to upload files, it should be able to show you the permissions, and you can find out what file that code is being added to.

I have been battling an I frame hack for 2 weeks. I’ve done a complete sweep of my computer, changed the passwords and deleted any rogue code i could find. Interestingly enough it doesnt appear on my index.php pages as it seems to in a lot of the other posts I am reading on the forum. It is – as far as I can detect-only on some unpublished pages that we are working on for future publications. I am at the end of my rope. If someone out there is familiar with this hack and can fix it – please contact me for possible consulting work for hire . my email address is [email protected]

I just had an iframe hack. I checked my server logs for an entry that matched the time that my header.php file was altered. When I found that entry, it pointed to a rogue php file. That file was in my wp-content/uploads folder of an entirely different wp install. It was in a folder inside the wp-content/uploads/2008/08. I deleted that file and haven’t had a problem since.

Of course, since I didn’t put that file there, I had another problem. Followed the Hardening WordPress Guide, manually checked every file and directory on my server, etc. Seems like I’m safe, for now