Hey ron, it took me a while to find the problem. I just started looking at the settings and I noticed that the upload folder had been changed to “/../../../tmp” which looked suspicious. So I started to look at all the wordpress tables in the db and I saw a plugin that I did not add. It contained a .txt file that was sure enough in the ../../tmp directory. I took a look at that file and found it contained the text “Magic Include Shell” along with some malicious php code. I did a search for that in google and found the site linked above.
To put a server level password on wp-admin, add a .htaccess file. Here’s a site with lots of tutorials on that: ??
