I enjoy not the hacks. Photo: Apple Logo and Flame
A couple of my sites, including this one, were compromised by an iframe hack. Some amorphous Internet blob puts fingers out into WordPress installs and puts one line of code in index.php, right above the first HTML tag. That code is an iframe with width=1 and height=1 (invisible) that manages to embed another (usually .cc domain on a site). Which then serves trojan horses or viruses or bullshit. Horrible.
Who does it? I dunno. It’s a business done at a grand, obscure scale. Darknet, Russians, whatever. Here’s how to fix it, at least temporarily.
1. Delete index.php in your WordPress install’s home folder (using FTP). Download a fresh WordPress and copy in a new file.
2. Delete and reinstall all plugins
3. Change all FTP, user and database passwords
4. Look around your WordPress install for suspicious looking files, or delete and reinstall the whole thing.
That holds this thing off at least temporarily, but I for one am just fed up. Shit keeps getting hacked all the time and, while I can almost always fix it, it’s slow and incredibly painful and sad.
I’m outsourcing this shit. Signing up for a Sucuri account and letting them handle security for like $25 a month (though all paid at once, gulp). It’s just too painful and it hurts business, gets me tossed of Google, etc. And I don’t understand how or whence it’s coming. If you notice anything odd over the next few days, lemme know.