PHP script: malicious JavaScript code at the end

Question

The problem:

On my webspace there are PHP files which all end with this:

Before

Answer 1

phsource is the closest.

If you're on a shared server, other people have access to the server itself. This is sort of the definition of a shared server. The problem is that if you have files with permissions of 777, they are world-user-group writable. Which means anyone with access to the box can write to them. See the problem?

All it takes is one person on that box to have a weak password, poorly configured script, or a horrible bit of code, and a mediocre script kiddie can cause all kinds of problems all over the box. Most of these attacks are purely automated. They get access, scan for attack-able files, and append as needed.

Most likely, you should change all of your files to 755 or 644 permissions. You'll sleep better at night.

And after you're done cleaning it up, make sure Google hasn't flagged you as a malicious site. It's not horrible to clean up, but it can decimate your traffic in the meantime.