index.php changed to wordpress!!?

For questions and problems with the CMS core. This board is NOT for any 3rd party modules, addons, PHP scripts or anything NOT distributed with the CMS made simple package itself.
Post Reply
Andrew Prior
Forum Members
Forum Members
Posts: 249
Joined: Sun Oct 28, 2007 4:14 am

index.php changed to wordpress!!?

Post by Andrew Prior »

This is probably more of a heads up than a question:

I have built four cmsms sites, all hosted at the same hosting provider, but on different shared servers. Yesterday all four front pages served up a white screen. The error logs on my own site said there was a problem with loading the index.php file which made reference to... wordpress.

Tech support suggested I had made a mistake somewhere, but after my pointing out I had not touched any of the sites, and now have no access to one of them, decided that Immunify av in cPanel had decided that the cmsms index.php contained malicious code.

I quote:
Imunify360 malware does not add a standard WordPress core file. It simply cleans the unwanted code that it detects as malware.
And true, there is no mention of wordpress in the index.php file of cmsms-2.2.22-install.php

Here's what I found:

Code: Select all

<?php
/**
 * Front to the WordPress application. This file doesn't do anything, but loads
 * wp-blog-header.php which does and tells WordPress to load the theme.
 *
 * @package WordPress
 */

/**
 * Tells WordPress to load the WordPress theme and output it.
 *
 * @var bool
 */
define( 'WP_USE_THEMES', true );

/** Loads the WordPress Environment and Template */
require __DIR__ . '/wp-blog-header.php';
I'd be thinking I've been hacked, and yes, I'm changing passwords etc, BUT there are four separate users on three different shared servers, and I have no access at all to one of the sites... so it smells like an Immunify thing to me.

The host is currently checking my current index.php file to make sure nothing is triggered in Immunify.

Andrea
Top
Post Reply

Return to “CMSMS Core”