A WordPress installation can get hacked for a number of reasons:
- Outdated software: always keep WordPress itself updated to the latest version; once a fix is published, the vulnerability it closes becomes an easy target on every site that has not applied it.
- Unsafe plugins: external code such as the TimThumb image-resizing script (bundled with many themes and plugins) has had vulnerabilities that let a whole site be taken over through the plugin alone. Keep every plugin up to date and remove the ones you do not use.
- Unsafe themes: be diligent about where you download themes from; a badly coded or deliberately backdoored theme opens your site to attack.
- Weak passwords: use strong, unique passwords for every WordPress, database and hosting account.
- Stolen FTP credentials: malware on an administrator's PC can capture saved FTP passwords, which are then used to upload malicious code directly to the WordPress site. Prefer SFTP, since plain FTP sends the password unencrypted.
Where Can I Find the Malware?
Malware can be hidden in HTML and JavaScript files, in PHP files (core, theme and plugin code alike), in the database (for example inside post content or option values), in directories such as wp-content/uploads that should only hold media, in configuration files such as wp-config.php and .htaccess, and in many other places.
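As an added illustration, not code from the original page, the following POSIX shell scanner walks a WordPress tree and flags three of the hiding places just listed: PHP that passes a decoded or decompressed string straight into eval(), PHP files inside wp-content/uploads, and .htaccess files that redirect visitors off-site, cloak by user agent or referrer, or change how PHP is executed. The function names, the indicator patterns and the constructed sample site it builds for a dry run are all assumptions; a hit is a lead to inspect by hand, and an empty result is not proof that the site is clean.

```sh
#!/bin/sh
# Added example (not code from the original page): a portable POSIX sh
# scanner for the common hiding places listed above. The function names,
# the indicator patterns and the sample site layout are assumptions.

# Print one "kind: path" line per finding under the WordPress root in $1.
scan_wordpress() {
    root="$1"
    # 1. PHP files that eval() a decoded/decompressed string: the classic
    #    obfuscated backdoor. Legitimate code may call base64_decode, but
    #    rarely feeds the result straight into eval.
    find "$root" -type f -name '*.php' \
        -exec grep -lE 'eval[[:space:]]*\([[:space:]]*(base64_decode|gzinflate|gzuncompress|str_rot13)' {} \; 2>/dev/null \
        | sed 's|^|obfuscated-php: |'
    # 2. Executable PHP under wp-content/uploads, which should hold media only
    #    (double extensions such as shell.php.jpg are included).
    find "$root/wp-content/uploads" -type f \
        \( -name '*.php' -o -name '*.phtml' -o -name '*.php.*' \) 2>/dev/null \
        | sed 's|^|php-in-uploads: |'
    # 3. .htaccess files that redirect off-site, cloak by user agent or
    #    referrer, or alter PHP execution. The stock WordPress block only
    #    rewrites to /index.php and is not flagged.
    find "$root" -type f -name '.htaccess' \
        -exec grep -lE 'RewriteRule.*https?://|RewriteCond.*HTTP_(USER_AGENT|REFERER)|auto_prepend_file|AddHandler.*php' {} \; 2>/dev/null \
        | sed 's|^|htaccess-redirect: |'
}

# Build a small constructed sample tree (not a real site) so the scanner
# can be exercised offline; one clean and one malicious case per check.
make_sample_site() {
    root="$1"
    mkdir -p "$root/wp-content/uploads/2024/01" "$root/wp-content/plugins/demo"
    # clean: decodes a token but never evals it
    printf '<?php\n$token = base64_decode($_GET["t"]);\n' \
        > "$root/wp-content/plugins/demo/demo.php"
    # backdoor: eval over a base64 blob (it decodes to a harmless echo)
    printf '<?php\neval(base64_decode("ZWNobyAnaGknOw=="));\n' \
        > "$root/wp-content/plugins/demo/wp-cache.php"
    # dropped web shell in the uploads tree
    printf '<?php system($_GET["c"]);\n' \
        > "$root/wp-content/uploads/2024/01/image.php"
    # stock WordPress rewrite block: must not be flagged
    printf 'RewriteEngine On\nRewriteRule . /index.php [L]\n' > "$root/.htaccess"
    # injected conditional redirect: must be flagged
    printf 'RewriteCond %%{HTTP_USER_AGENT} googlebot\nRewriteRule .* http://redirect.invalid/ [R,L]\n' \
        > "$root/wp-content/uploads/.htaccess"
}

# With a path argument scan that site; otherwise scan the constructed sample.
if [ -n "${1:-}" ]; then
    scan_wordpress "$1"
else
    tmp=$(mktemp -d)
    make_sample_site "$tmp"
    scan_wordpress "$tmp"
    rm -rf "$tmp"
fi
```

Run it as `sh scan.sh /path/to/wordpress`; without an argument it scans the constructed sample and reports exactly the three planted cases. Patterns like these catch mass-produced infections, not a carefully written backdoor, so treat the scan as triage before a file-by-file comparison against a fresh copy of WordPress and its plugins.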
How to Remove the Malware
- Change all your passwords: every WordPress administrator account, the database user, FTP/SFTP and the hosting control panel.
- At a minimum, change your cPanel password and replace the secret keys and salts (AUTH_KEY through NONCE_SALT) in wp-config.php; this invalidates every existing login cookie, including any the attacker is holding. Update DB_PASSWORD there to match the new database password.
- Check your .htaccess file for compromise: look for RewriteRule lines that send visitors to another site, RewriteCond lines keyed on user agent or referrer, and directives that change how PHP is executed, and compare the file against the stock WordPress rewrite block.
- Replace infected core, theme and plugin files with fresh copies from the official sources rather than editing malware out by hand, and restore database content from a backup taken before the compromise.
- Make sure the third-party plugins you use have a good reputation, and remove any plugin or theme you no longer use.
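The key-and-salt rotation from the second step, as an added example that is not code from the original page: the script regenerates the eight WordPress security keys and salts in wp-config.php from /dev/urandom and then verifies that none of them is still the stock placeholder. The function names and the constructed sample config are assumptions; DB_PASSWORD is deliberately left untouched because it has to match the password set on the database side.

```sh
#!/bin/sh
# Added example (not code from the original page): rotate the eight WordPress
# security keys and salts in wp-config.php, then verify the result. Function
# names and the sample config are assumptions; DB_PASSWORD is left alone on
# purpose, because it must match the password you set on the database side.

WP_SALT_KEYS='AUTH_KEY SECURE_AUTH_KEY LOGGED_IN_KEY NONCE_KEY AUTH_SALT SECURE_AUTH_SALT LOGGED_IN_SALT NONCE_SALT'

# 32 random bytes as 64 hex characters (hex contains no sed metacharacters).
random_secret() {
    head -c 32 /dev/urandom | od -An -v -tx1 | tr -d ' \n'
}

# Replace the value of every define( '<KEY>', '...' ); line in the config.
# Changing these invalidates all existing login cookies, including any the
# attacker is holding. Written via a temp file so it works with any sed.
rotate_wp_salts() {
    cfg="$1"
    for key in $WP_SALT_KEYS; do
        new=$(random_secret)
        sed "s/define( *'$key', *'[^']*' *);/define( '$key', '$new' );/" "$cfg" > "$cfg.tmp" \
            && cat "$cfg.tmp" > "$cfg" && rm -f "$cfg.tmp"
    done
}

# Return 0 only if every key is defined, is not the stock placeholder and
# is at least 32 characters long; otherwise return 1.
check_wp_salts() {
    cfg="$1"
    for key in $WP_SALT_KEYS; do
        val=$(sed -n "s/.*define( *'$key', *'\([^']*\)' *);.*/\1/p" "$cfg")
        [ -n "$val" ] || return 1
        [ "$val" != 'put your unique phrase here' ] || return 1
        [ "${#val}" -ge 32 ] || return 1
    done
    return 0
}

# Constructed sample wp-config.php carrying the stock placeholder values.
write_sample_config() {
    cat > "$1" <<'EOF'
<?php
define( 'DB_NAME', 'wordpress' );
define( 'DB_PASSWORD', 'change-me-separately' );
define( 'AUTH_KEY',         'put your unique phrase here' );
define( 'SECURE_AUTH_KEY',  'put your unique phrase here' );
define( 'LOGGED_IN_KEY',    'put your unique phrase here' );
define( 'NONCE_KEY',        'put your unique phrase here' );
define( 'AUTH_SALT',        'put your unique phrase here' );
define( 'SECURE_AUTH_SALT', 'put your unique phrase here' );
define( 'LOGGED_IN_SALT',   'put your unique phrase here' );
define( 'NONCE_SALT',       'put your unique phrase here' );
EOF
}

# Usage: sh rotate-salts.sh /path/to/wp-config.php
if [ -n "${1:-}" ]; then
    rotate_wp_salts "$1" && check_wp_salts "$1" && echo "salts rotated in $1"
fi
```

Back up wp-config.php before running this on a live site. Because the keys feed into every login cookie, all users (and the attacker) are logged out the moment the file is saved, which is exactly the effect the step above is after.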
Follow the steps in this resource:
Hardening WordPress (http://codex.wordpress.org/Hardening_WordPress)
Additional Resources