Who is getting security.php ???? CHECK YOUR SITES! IT can hurt SEO
 

For those using hostgator, who here has security.php installed across network?

I have 3 different accounts on hostgator, and they all have security.php added on every account..some kinda backdoor.

i tested it by going to domain.com/security.php and saw a "password form.

(Note: my sites are NOT connected in any way and i'm using 3 different billing info)

used to be with hostgator, personally recommend adult-hosting.com


good luck with your security problems on your php :thumbsup

log in using ftp and copy paste the source of security.php here

When i open the php code, its all encrypted

VBulletin doesn't support emojis.

*clap* Dont *clap* use *clap* Hostgator :2 cents:

Post it anyway and in code tags please.

It's a shell script

Most times code is base64 encode. You can decode if you wants if just base64. But Horatio is write, 99% It a shellcode.

Are all sites on same server? Shared hosting?
Reverse IP Lookup - Find Other Web Sites Hosted on a Web Server
If nots maybe all you sites have same hole.

Whats your sites runnings? If wordpress make sures all is updated. If some bad php somewheres or old imagemagick could allow remote code exectuions and allows persons to upload shells.

Maybe nots your faults if on shared hosting.

Maybe other gfy guys can helps that knows mores than me (I expert in onlys blogspots). if he set permissions to 555, woulds that helps?

what script are u runnin? i don't have them

It's a shell script

when i open in dreamweaver, it looks like <?php $rx350q7 = .....

when i googled this, i saw it on one site.. thats about it