Im using easyEngine and installed wordpress last version on it.
But there is someone attacking my server and their script is able to edit my .php files.
They already inserted malicious code in the menu internal file and they are always editing the theme header.php file.
I already changed the files permission to root user instead of www-data. Then the files could not be edited anymore. But i cant edit it also in the web area.
Anyone have already experienced that kind of attack? They are also doing brute force (already renamed wp-login.php file but they keep trying).
I think its a easy engine security failure.