@rmeeuwsen 245541 wrote:
does anyone have a ‘fix’ for this type of hack?
Without knowing how it was hacked, your question, it’s like asking how long is a piece of string!
There could be any number of vulnerabilities present, not only with regard to your WP installation but also your hosting account in general.
@GamblingShares 245543 wrote:
yes, repair your site !
there is no “do this” fix
You have to remove his code and a few other things
I’ll add, You need to trash the entire site, WP install and all. Delete every file and every directory. I’d contact your hosting provider too and get them to scan your account,
It’s possible he’s gained access above the root, so unless all files and directories are checked and sanitized, you run the risk of a backdoor having been installed and open to further abuse.
I’d recommend when you have this all sorted you install the Bullet Proof Plugin. It locks things up pretty tight and hardens the be-jebbers out of WP. Enough to make it a PITA and hopefully force them to find an easier target.