I'm working with a Zen Cart site where someone seems to be exploiting the image folders. Because those folders need write capabilities to upload product images from the admin area, they are using that to continually write PHP and txt files to these folders.
Those files have coding in them that also allows them other access when they choose.
(And to be one step clearer - I've moved the site recently to a completely new host after first completely removing all traces of any virus/hack. This appears, according to logs, to be happening by direct access through one of the Zen upload capabilities using the site's regular URL.)
Can writing of all files except the image files be blocked using the htaccess file in the root? If so, what is the correct addition to the htaccess that would cover ALL image folders through the site? (There's also a root image folder, WordPress, sub-directories, etc.)
Any thoughts on how to prevent this?
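
One way to audit image folders for the kind of files described in the post above, as an added example that is not part of the original post: a Python scan that reports every file that is not a genuine image. The extension allow-list, the PHP extension list and the constructed sample tree are assumptions for illustration.

```python
import os
import tempfile
from pathlib import Path

IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".webp"}  # assumed allow-list
PHP_PARTS = {"php", "phtml", "phar", "php5", "php7"}  # assumed handler names
MAGIC = (b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n", b"GIF87a", b"GIF89a", b"RIFF")

def classify(path):
    """Return a reason string if the file looks out of place, else None."""
    name = os.path.basename(path).lower()
    if any(part in PHP_PARTS for part in name.split(".")[1:]):
        return "PHP extension in file name"  # also catches name.php.jpg
    if os.path.splitext(name)[1] not in IMAGE_EXTS:
        return "non-image extension"
    data = Path(path).read_bytes()
    if not data.startswith(MAGIC):
        return "image extension but wrong file signature"
    if b"<?php" in data.lower():
        return "image file containing a PHP open tag"
    return None

def scan(root):
    """Walk root and return sorted (relative path, reason) findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            if (reason := classify(full)):
                findings.append((os.path.relpath(full, root), reason))
    return sorted(findings)

def build_sample(root):
    """Constructed sample tree standing in for a writable images folder."""
    samples = {
        "ok.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
        "large/notes.txt": b"constructed text file",
        "large/thumb.php": b"<?php /* constructed */ ?>",
        "fake.gif": b"GIF89a<?php /* constructed */ ?>",
        "plain.jpg": b"not really a jpeg",
    }
    for rel, content in samples.items():
        p = Path(root, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(content)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print("\n".join(f"{rel}: {why}" for rel, why in scan(tmp)))
```

Calling `scan()` on the real image directories on a schedule and comparing the output between runs shows when new non-image files appear.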