Well Webmaster, you are hacked. Did anyone tell you about that?
self-moderation mode enabled.
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
self-moderation mode enabled.
I really admire your restraint π
H3ODST you’ve a lot of work ahead of you. Backup your files and database now. If you make a mistake you’ll need to put it all back to the way it was, even if it’s a hacked version.
Now where did I put that boiler plate…
Read this
http://ocaoimh.ie/2008/06/08/did-your-wordpress-site-get-hacked/
And then read it again.
Read this too
http://codex.wordpress.org/Hardening_WordPress
Upgrade to the latest version if you have not already. You need to see if there are any users added to WordPress that you don’t know about/don’t belong there.
You need to go through your files and find where the spammy links are being added. If it’s in wp-config.php or some other file, you’ll need to make sure that is cleaned up before you can consider yourself good file wise. Look everywhere and use fresh copies of your WordPress installation, plugins, and themes.
Look at your posts and comments and see if there are any spammy links there. You can export your whole blog to WXR and then examine the whole thing in your favorite text editor.
Look at your server’s log files. If you are on a shared server, get help from your provider. You need to identify if this was a compromise of WordPress or your server. If you do not identify the entrance which the attacker got in, odds are they will be back.
Once you have cleaned up your hacked blog, harden it so this does not happen again.
Good luck.
Thread Starter
h3odst
(@h3odst)
How did I get hacked, exactly?
All I did was install WordPress using fantastico, and then I installed this theme:
http://greatwordpressthemes.com/wordpress-themes/halo/
How do I get hacked by just doing that? Is WordPress security really that bad?
How did I get hacked, exactly?
no-one here can tell you that, obviously.
All I did was install WordPress using fantastico…
Indeed, that is all you did.
Is WordPress security really that bad?
you know.. if you want to bitch like a baby.. fine.. but at least take some personal responsibility and bitch after you have made sure that are using the most current version of wordpress.
i tell you .. some days I really wonder .. π
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
i tell you .. some days I really wonder .. π
This one is even funnier than usual. He downloaded a theme that includes obfuscated footer.php crap and is blaming WordPress security. This is why I continue to regard supporting people here as a form of therapy π
H3ODST? It’s that theme you picked. Go and get a nice GPL’ed theme from http://wordpress.org/extend/themes/ and have nice day.
If you continue to use a theme from we-suck-wind-loudly-not-so-greatwordpressthemes.com then enjoy renting out YOUR blog to THEIR advertisers for free. It’s not a security issue when you did it to yourself.
lol!!! I couldnt even be bothered to look at the theme, after the ranting — you are a saint π
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
you are a saint π
I’ve said it before: providing support here is a form of therapy.
Although sometimes it’s definitely “Why are you hitting your head on the wall?? Because it feels great when I stop!” π
Thread Starter
h3odst
(@h3odst)
What if I removed all that obfuscated code??
Sorry, I have a problem getting mad and jumping to conclusions fast…not that you haven’t already noticed.
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
What if I removed all that obfuscated code??
Good luck. You can go that route but they’re probably tying the footer.php code with the function.php file. It’s not a new trick see http://wordpress.org/support/topic/237501?replies=5 for an example of how tricky this can get.
IMHO It’s just easier to switch themes to one that’s not documented as E-V-I-L.
Thread Starter
h3odst
(@h3odst)
Dang…is there any theme thats simple as that?
Header image, bg_post image, and a sidetitle image..
