Please Advise…
I just received a security alert from dreamhost…
During a recent security scan we have identified that one or more of your hosted sites show signs of being compromised as they are hosting known, malicious web-based backdoors. Specifically, the following file(s) have been accessed by intruders and have been associated with unsolicited bulk email, denial of service or other abusive activity:
We have identified the following known backdoors under your account:
/sedonayogafestival.com/wp-content/themes/flexform/wso1.php
/sedonayogafestival.com/wp-content/wso.php
We have disabled the page(s) in question (via adjusting permissions on the files, e.g. chmod, or backing up the file first renaming it to “filename.INFECTED” and cleaning up the injected code) until you are able to address this matter.
I am unable to edit pages in the site… and while I disabled those files by renaiming them _xxxxx.php, the same issues arise…
attached is the error message seen inside wordpress.
Warning: file_get_contents(/home/mtmm490/sedonayogafestival.com/wp-content/themes/flexform/_wso1.php) [function.file-get-contents]: failed to open stream: Permission denied in /home/mtmm490/sedonayogafestival.com/wp-includes/class-wp-theme.php on line 950
Please assist… I am unable to get anything accomplished behind the scenes, but website is up in the front…
I have returned the php files to theire original state… without the underscore for your trgouble shooting…
this is a relative emergency, so please reply soon… thanks !
marc
.