Recently, we had a hacked site where some PHP code was added to the index.php file, which looked something like this:
eval (gzinflate(base64_decode('s127ezsS/...bA236UA1')));
Another PHP file (cnfg.php) was added to the code, which caused the display of spam related to pharmaceuticals (but visible only to googlebot, etc.). It looks like a farm hack for WordPress, except that we don't run WordPress. Since then, the code has been removed, but I would like to prevent the occurrence of such cases in the future.
I understand that this is a fairly widespread problem, and there may be a huge number of security holes that can be responsible, but I thought I would put it there if anyone had experience with such a problem in the past.
What are the potential security holes that will allow these PHP files to load? And what can I do to prevent this from happening in the future?
source share