Skip to:
Content
Pages
Categories
Search
Top
Bottom

Something or somebody hacked bp_core.php – is it possible without entering FTP?

  • Avatar of Expana
    Expana
    Participant

    @expana

    Hi guys,

    Everything was fine until recently. I tried to load my web site and instead it showed a message about an incorrect “T_STRING” in bp_core.php

    Neither front end nor backend opened. I looked at bp_core.php and found this line:
    `f1275ion bp_member_user_email() {`
    Obviously somebody or something replaced it from `function bp_member….`

    I changed it back and the web site opens normally.
    It all looks scary and strange… why would only that thing was hacked (not even sure now that it’s the only thing!) and in such a strange manner… I have security plugins installed that block attacks, but who knows..

    What could that be? Could it be done without a manual accessing FTP?
    Will it help if I mention bp_core.php in htaccess as “Deny from all”?

    Any ideas on the above guys?

    Thanks!
    Cheers, Natalie

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.