Howdy. We have Wordfence Premium installed on this site but despite its presence we are being continually hacked. We have run many scans over the past 72 hours, each one returning a ‘clean’ status. This morning, hackers again gained access to the site and were able to change our index.php file and the wp-content/index.php. They also renamed the php.ini file in the WordPress installation to php.ini1 bypassing the security. The only options I can see is that the hackers are gaining access at server level. Is there anything I can do to protect the entire public_html folder? Can I include the auto prepend line that activates WF in the php.ini file that sits in the Home directory?
The page I need help with: [log in to see the link]