hi there, there is a shell script in my admin control panel, which is subscriptions.php in admincp folder. I put this define('DISABLE_HOOKS', true); Code (markup): code in config.php and all plugins are disable, when i checked subscriptions.php shell script was gone but i need that plugins and when i remove the code in config.php shell script coming back. So what shold i do? please help me
Make sure your files are NOT writable by the web server user... it's a security risk, and the web server really should only need read access to the files anyway. Once you do that, you should be able to track down what code is inserting the malicious stuff. My guess is that it's within a plug-in itself since it came back only after you enabled your plug-ins.