WordPress – Unwanted files on server (/wp-content/uploads/et_temp/slots-online)

I had a chance to work with one of websites which was affected by hackers attack. Files structure was looking like hell and needed to be clear.

Let me show you one of directories added after this attack:

After running command which counts files in this directorie:

find ./wp-content/uploads/et_temp | grep -e '\.html$' | wc -l

I’ve seen number files: 7497

Each of this file was accessible from browser so after running ie:
domain/wp-content/uploads/et_temp/slots-online/filename.html

…page was opening (full style page).


Have you had this kind of issues? Check your WP instance with health-check tools.

Published by Piotr Sikora

Piotr Sikora is Front End Team Manager @ Sourceful. MeetJS Kielce Committee member. JavaScript enthusiast. With passion to MTB (http://ckbikers.com)

Leave a comment

Your email address will not be published. Required fields are marked *