It's worth enabling two-factor auth if you can. There are paid services/plugins you can use, a pretty decent one is from Duo security.
Sent from my mobile, apologies for brevity.
On 30 Dec 2012, at 23:47, Andy Smith <andy@???> wrote:
> Hello,
>
> On Sun, Dec 30, 2012 at 11:41:34PM +0000, Ian wrote:
>> Andy said:
>>> Upon further investigation it appeared that around 30th November one
>>> of the site's legitimate Wordpress admins had logged in from an
>>> unexpected place (a Tor exit node) and had uploaded a PHP file which
>>> appeared to enable full filesystem traversal, downloading of file
>>> content, shell command execution as Apache user, etc.
>>
>> Is this something that was uploaded to the WordPress
>> wp-content/upload directories or as a plugin / theme?
>
> It was uploaded as a plugin.
>
> Cheers,
> Andy
>
> --
> http://bitfolk.com/ -- No-nonsense VPS hosting
> _______________________________________________
> users mailing list
> users@???
> https://lists.bitfolk.com/mailman/listinfo/users
