This could happen to other files, and I am not capable to do these clean ups. I wonder anyone used paid malware and firewall service provider?
I googled and found few here:
a hacker attempt is not always a very dangerous matter, it all depends on,
what kind of Code so-called Hackers use. I added a listing image below,
so show, what can be ignored, because I get such on a regular scale, and
as long as I use NO other Software, especially WordPress, on the same
Server, I have nothing really to worry about, since most such linking is
related to WP and similar Software. Just to have it mentioned, but I also
use a solid Server, operated by a proven solid Hoster, and such belongs
to the upmost important matters, likely widely ignored by many, trying
to run a commercial Software for as cheap as possible.
access_attempts.jpg (219.75 KiB) Viewed 4364 times
I don't use Forum Mail, to reach me, contact: email@example.com
Demoversion OpenCart LIGHT v.18.104.22.168
1'500+ FREE OC Extensions - from OC v.1.5.x up,
on the world's largest OC-related Github Site: https://github.com/IP-CAM
View the service and signup here if you're interested: https://www.evolvewebhost.com/cwatch-web.php
$10.49 .com Registration and $9.99 .com Transfers in now
Guaranteed top level opencart performance and support. Risk free 30 day money back guarantee & free transfers.
Going to do a fresh install on a new server and see if that helps.