I keep getting the following warning:
Visitor IP Address: 146.59.243.31
Firewall Rule: Exe File Uploads
Firewall Pattern: \.(dll|rb|py|exe|php[3-6]?|pl|perl|ph[34]|phl|phtml|phtm|sql|ini|jsp|asp|git|svn|tar)$
Request Path: /wp-content/plugins/ioptimization/IOptimize.php
Parameter Name: userfile
Parameter Value: zwxnwyuqwg.phpI know that ioptimization/IOptimize.php is not a plugin, but a malware script. How it has got on my Shield-protected site is beyond me.
I am aware that I should make sure this is removed. However, looking at my site via FTP, there appears to be no such file or directory. I have, of course, looked for hidden files as well.
Why am I seeing this on a daily basis?
Cheers,
Mike