My site's been hacked!
Yes, it happened to me. Yesterday morning, the front page of my site was marred by two screens' worth of links to porn sites. I couldn't tell where it came from, which file it was in. I contacted my new WP guru, who had responded to a question of mine in the wordpress.org forum, and she and her database wizard are in the process of fixing the site. She thinks the hack actually happened in July, but was activated only yesterday. I had already installed WP 2.8.4 the day before, but I guess since the hack was in place while I was using 2.7.1, it was able to wreak havoc.
So, please, please go ahead and upgrade to 2.8.4 ASAP! I will post more as I find out more, and also about ways to "harden" the site against future attacks. I guess one problem with open-source platforms like WP is that the hackers have an easy time writing malicious code to get into it. |
Hey Paula!
The view from Maine is good! -- your site's looking all cleaned up now (3:30 EDT). I wonder if your site's "visitor profile" being higher than average increases the chances of it attracting the attention of the hacking bozos. The word is that most hacking these days is done for profit so those porn sites may have likely been paying to have links to their sites "sprinkled around" the www. The Gazette is looking better than ever!! Congratulations! BTW: what widget or gizmo do you use to put up that slideshow in the center column? I tried every right-click trick I have on it but couldn't suss out what was underlying. Your rain visits us tomorrow. After the spring and early summer we had up here I never thought I'd be saying this, but we can actually use a day of drizzle about now. Jim |
Thanks for the compliments!
I used the Featured Content Gallery plugin for the slideshow. |
I still don't know exactly how it happened, but this is what the consultant said about the hack:
Quote:
It cost us over $1000 to get this cleaned up. The hack was inserted back in July, and for some reason only showed up AFTER I had upgraded to WP 2.8.4, had a problem, downgraded back to 2.7.1, then upgraded again. In other words, it was there while we had 2.7.1 running. So upgrade before you get hacked! |
All times are GMT -6. The time now is 06:48 AM. |
Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.