I got an email yesterday from my host (DigitalOcean) that I was running a phishing website. So, I’m not, but I quickly guessed what happened: my WordPress got hacked. This is just one of the risks of running silly little PHP apps. I logged in, deleted the themes directories, reinstalled clean ones, and ensured this doesn’t happen again by doing the following:
- useradd apache_ro
- chown -R apache_ro:apache_ro $WP/wp-content/themes
Now apache can’t write to those directories. This means you can’t update WordPress via the web UI, but I’m ok with that.
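To confirm the `chown` above had the intended effect, here is an added example (not from the original post) that lists every path under a directory that a given account can still write to, including group-writable and world-writable files that a change of owner alone does not fix. The function name `writable_by`, the account name `www-data`, and the path in the usage comment are assumptions; substitute the account your web server runs as.

```shell
#!/bin/sh
# Added example: audit which paths a given account can still write to,
# judging by owner/group/other permission bits only (no ACLs, no root).

# writable_by ACCOUNT DIR
# Prints every non-symlink path under DIR that ACCOUNT may write to.
writable_by() {
    wb_account=$1
    wb_dir=$2
    # Numeric IDs of every group the account belongs to.
    wb_gids=$(id -G "$wb_account") || return 2

    # Owner-writable and owned by the account, or writable by "other"
    # (the "other" match is deliberately conservative).
    set -- \( -user "$wb_account" -perm -200 \) -o -perm -002
    # Group-writable and owned by one of the account's groups.
    for wb_gid in $wb_gids; do
        set -- "$@" -o \( -group "$wb_gid" -perm -020 \)
    done

    find "$wb_dir" ! -type l \( "$@" \) -print
}

# Run as: sh audit.sh www-data /var/www/html/wp-content/themes
# (account name and path are assumptions; use your server's values)
if [ "$#" -eq 2 ]; then
    writable_by "$1" "$2"
fi
```

Empty output means the permission bits deny that account write access everywhere under the directory; any path printed is one it can still modify.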