+https://codex.wordpress.org/FAQ_My_site_was_hacked

+https://codex.wordpress.org/Hardening_WordPress

Delete it, but understand that deleting it does not mean your system is clean. It got there somehow.

You need to start working your way through these resources:

• https://codex.wordpress.org/FAQ_My_site_was_hacked
• https://wordpress.org/support/topic/268083#post-1065779
• http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
• http://ottopress.com/2009/hacked-wordpress-backdoors/

Additional Resources:

• http://sitecheck.sucuri.net/scanner/
• http://www.unmaskparasites.com/
• https://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

https://wordpress.org/support/topic/wordpress-file-added-deletemewpphp/

A google search on deleteme.xxxx.php returned quite some info.
The files are created by a piece of software named Installatron that looks to be a tool offered by hosting providers who have ‘one click’ installations of software, like wordpress, joomla , etc
Anyway this is not an iTSec plugin issue.

dwinden

—

A google search on deleteme.xxxx.php returned quite some info.
The files are created by a piece of software named Installatron that looks to be a tool offered by hosting providers who have ‘one click’ installations of software, like wordpress, joomla , etc
Anyway this is not an iTSec plugin issue.

dwinden

—

This is a bit dicey. If you give any file matching a pattern direct access it’s possible for someone to abuse this to hack you. If you have no choice you can add the following to the “Custom .htaccess rules at the top of the file” (mind you, don’t use the one for the bottom of the file, it won’t work).

RewriteRule ^deleteme\.(.*)\.php$ - [L]

This tells Apache if the URL matches deleteme.*.php do not process any more rules, just run the file. Remember that the RewriteRule is a Regular Expression, hence the need to escape the dots with a backslash and add the ^ and $ (start of string and end of string matchers). The dash following the RegEx means “No action” and the [L] after that means “this is the last rule for this match, don’t try to process any other rules”.

I hope that helps!

มีคนไปถาม cpanel

cpanel ตอบว่า ไม่เกียวกับเรา

Unfortunately, cPanel is not a hosting provider, so no one in this forum has the access needed to help you. cPanel only develops software; we do not actually host any sites or servers. Only your hosting provider has the access needed to help you.

Also, Installatron is not part of cPanel, and it is not a cPanel product. You would need to contact Installatron support directly for help with that software, but since you are not the server administrator, they may also be very limited in the extent to which they can help you. Their support contact information is here:

Installatron Documentation and Support

If you are interested in changing hosting providers, we do have a Partner NOC directory, with our partners that use our software:

cPanel Hosting Partner Directory

The database on that page is searchable by several different criteria.