WordPress sites being hacked en-mass
It looks like there is some unknown exploit that is being used to hack into WordPress sites en-mass.
The following threads and sites will tell you more about it and how you can find out if you are effected. http://wordpress.org/support/topic/385477 http://techcocktail.com/home/2010/04...earch-engines/ Note: third link removed - - see post #2 update: seems this site was itself hacked - the author believes it is clean now the site is www christopherspenn com/2010/04/07/find-the-latest-wordpress-hack/ http://www.themelab.com/2010/03/01/d...earch-engines/ |
BEWARE - Third link in list attempted to install a Trojan Horse when I visited the site.
|
Ok, I went through all the information, but I am really techno challenged here. First of all is there an easy way to see if one or more of my sites are affected? I am checking at the moment my page source for the homepage of all my sites, is that enough? Any help appreciated! SY
|
Seek The Truth - what were the symptoms?
What browser were you using? What OS? I don't have a problem, but I'm using a mac... |
I read somewhere that you can Google your site, and if the page that comes up has a bunch of links to other sites, you've been hacked.
|
.Hey...
Same thing as Seek the Truth said - third link attempted to install malware upon visiting - I'd remove the link. M. |
I made the security changes we discussed a short while ago, JD. Will those prevent what's happening here, or should I look further into this?
Thanks. Velma |
Velma, I'd look into this also
|
My site was hacked a couple of years ago - in fact is was so bad it was totally destroyed. Google sent me loads of warning messages and blocked my site from their search. All very embarassing. I just hope by keeping the software up to date I'm secure from this sort of thing now I've relaunched my site.
Tom |
Interesting update on the Wordpress blog http://wordpress.org/development/201...e-permissions/
Seems it was hosting specific ;-( SY |
That was my first suspicion when I say how many sites on Network Solutions were being hacked. The simplest answer was something was wrong at the server level.
|
My site was hacked as well as others that I personally know of using the Atahualpa Theme. GoDaddy says it's a hole within the Theme I was using 3.6.4 but have updated to 3.6.7 will that take care of my problem if not how do I go about finding which files were affected?
|
Did they say what the 'hole' in the theme was or did they just lay blame? Did they say how the hack occurred? Can they document it?
|
No they did not mention any of the above. Trust me I have been trying to speak to someone who knows what the hell they are talking about. At this point I had to purchase "Site Scanner" and they have submitted a ticket. I did fail to mention that the other Atahualpa Users also have GoDaddy hosting their site. How do I get them to admit it is a Server Security Issue?
I have restored my site. Updated the Theme. Changed database, cpanel, wordpress passwords and renamed the htaccess file. Is there anything I'm missing? I do appreciate the quick response Juggle! |
Look thru the users in wordpress, their roles. Delete any you don't recognize.
Check your Cpanel ID (change the password) Look at all your FTP users take a look at the logs at the site, see if you can see anything in them that will be a clue Do a google search on 'wordpress site hacked' for other ideas |
Oh, one other thing. If they can't won't tell you or the theme developer (Flynn) what the exploit is, I'd make plans to move to a new host. GoDaddy is not one of my favorite hosts
|
Thanks so much Juggle.....will do!
|
Is it worth putting SSL on the admin login page? or will it not make a difference?
|
Ok i had the same thing a while ago...can somebody tell me how to prevent this?
|
go do a google search, read the articles and implement the suggestions
|
All times are GMT -6. The time now is 08:13 AM. |
Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.