Hello,
I have had my wordpress site (www.erinjackson.net) for approx 10 years so i am pretty proficient with basic usability, building out a theme, but I know nothing of coding. For weeks, I have been getting the following error on and off as I've tried to log into my wp-admin and when i look at the live site:
"The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request." Or it will just say "access denied."
I called my hosting company, 1and1, to ask about this and they told me i needed to upgrade my package bc my theme required more Ram (all of the sudden?" But that didnt sound right and as I suspected, I got an email a couple days later saying my site was under attack and there was a malicious file called ~/index.php. But that could be anywhere, right? There is an index of like everything. And they didn't tell me where to find it.
SO FAR, on the times I was able to get into wp-admin I have:
1) created a new admin user to log in. I have only had one since I started my site.
2) changed the password of the admin user that i've had since I started as well
3) changed my FTP password -- I use Core FTP and no other programs like cpanel.
4) upgraded to the latest version of wordpress, 4.4.
5) uploaded and activated bulletproof security app. although i don't know what it does actually or if it is meant to help my problem.
Any help is greatly appreciated. I am in panic mode.
