My homepage started to throw up PHP errors above the site header last night. The messages suggested it was something to do with the micropub plugin I’m using to post certain things here so I decided to login to my FTP account and investigate.
When I did this I found several folders with short names that contained a load of files with names like AA, AB, ADE, all the way up to Z. There was also an htaccess file in each folder. I looked through the files and it appears someone had broken into the account and tried to serve spam from my server.
I checked the plugin files which appeared to be okay and then checked the index.php file which was also mentioned in one of the errors. That had also been tampered with. I deleted all of the rubbish and replaced the hacked index.php and all errors disappeared.
It was all a bit disconcerting. I’m not an expert when it comes to these things and I’ve never had this happen before. I’ve no idea how it happened.
All passwords have been changed and I’ve added more security measures to my .htaccess file but I’ll need to keep an eye on things a bit better.