We have a simple website that has been constantly attacked by a rogue script that attaches itself to [url removed, login to view] files.
I have attached an archive which shows the script attached at the bottom of the [url removed, login to view] file.
I need someone to investigate, find the hole and provide a secure solution.
Our provider has reloaded the OS, updates our server and advised there is no break into the server.
I have the apache log files that show the activity on the server when the site was clean and when the attack last happened.
If we manually delete the rogue script it re-appears in a day or two.
I can of course provide full access to the web site via FTP.