I have installed a Demo WordPress on one of my websites and kept it idle. Today I received a warning email from the server that there is a suspicious file (.php) on that account.
When I logged into that account, I saw many new folders, files were created.
How this could be possible?
How can someone upload files, folders on our root folder without having our access?
But now I have deleted all those files from the root folder, trash folder, and temp folder. But I couldn’t find the trace on which the intruder entered into my WordPress.
I checked ftp logs, cPanel logs etc but no traces. Can someone help me to tackle this issue?
I want to prevent this activity in future.