Posted by seharmks on November 28, 2012 at 2:56pm
Hello,
We found that someone is injecting some script in index.php file on root. All security measures / updates are complete from admin side.
Can you please let me know how to prevent these kind of injections?
Thank you
Comments
That tends to imply a server
That tends to imply a server side hole, that is someone has access at the server level.
Yes, if this is on shared
Yes, if this is on shared hosting there's a number of exploits that can sometimes be used to get access. Some hosting providers are very lax with their security, unfortunately. Cheap hosting can be expensive in this respect.
Another exploit that once caught me out was some malware that stole a bunch of passwords from Filezilla, which generously stores them unencrypted. Fortunately the attacker was just a script kiddie who left a fairly visible trail and I was able to repair the damage (and throw Filezilla down the nearest toilet) in short order.