Recent content by WesW

I didn't have that File Manager plugin, however, I did install Wordfence and Sucuri post-hack. With Sucuri I use the hardening settings to disable plug-in writing. But after some more research, I think the aeR4Choc_start code was injected via a Laravel Debug exploit...

Trogdor, I just had a similar breach with the same "aeR4Choc" signature, did you ever discover the security hole? I thought my site was pretty secure and I am not sure how they were able to rewrite a php file.