Something or somebody hacked bp_core.php – is it possible without entering FTP?
-
Hi guys,
Everything was fine until recently. I tried to load my web site and instead it showed a message about an incorrect “T_STRING” in bp_core.php
Neither front end nor backend opened. I looked at bp_core.php and found this line:
`f1275ion bp_member_user_email() {`
Obviously somebody or something replaced it from `function bp_member….`I changed it back and the web site opens normally.
It all looks scary and strange… why would only that thing was hacked (not even sure now that it’s the only thing!) and in such a strange manner… I have security plugins installed that block attacks, but who knows..What could that be? Could it be done without a manual accessing FTP?
Will it help if I mention bp_core.php in htaccess as “Deny from all”?Any ideas on the above guys?
Thanks!
Cheers, Natalie
- The topic ‘Something or somebody hacked bp_core.php – is it possible without entering FTP?’ is closed to new replies.