My php site was hacked by codes uploaded as image..?

Question

Yesterday my site was comprised. The attacker changes the index.php file to their own (with all their glory messages and greet). I\'ve notified the hosting company about thi

Answer 1

JPEG files can contain arbitrary data in them in addition to the actual image data; it's part of the spec. Thus, merely checking if an image is a valid JPEG does not mean that the file is necessarily completely harmless.