I have observed a file named good.html in one of my wordpress web sites which has the following content.
<meta http-equiv=”refresh” content=”1;URL=http://com-wr14.net/space.php?a=306454&c=wl_con” />
I guess this file has been uploaded maliciously in order to make the web server visit the address in the code, or maybe to make a part of a botnet or something else.
I am not sure about what the main issue is but I just published this incident in case somebody else observes and searches for it.
Please share your comments if you have any info about good.html .