Suspected Malware in URL – Finding Origin?
-
About once/week, I receive the following with Wordfence:
File contains suspected malware URL
I can clearly see the suspect URL in the file. But my question is, how can I figure out where the files are coming from? Is it because I’m on shared hosting and another user is infected, which results in these files being created every week? The location is always similar:
/wp-includes/Text/.log/<domain>/index.php-id=.html
I don’t mind removing them from within Wordfence every time they pop up, but I would really like to understand where they come from so I can stop them completely!
(If it helps, the suspect URL in the above most recent file is: https://forums.x-plane.org/index.phpdrimage9)
Thank you!
Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
- The topic ‘Suspected Malware in URL – Finding Origin?’ is closed to new replies.
