Posted 1 month ago #
Just wondering if you could tell me if someone has hacked my blog. I keep getting this error when I go to my url http://mobc.org.au
Fatal error: Cannot redeclare x86() (previously declared in /home/mobc/public_html/index.php(1) : eval()'d code:1) in /home/mobc/public_html/wp-config.php(1) : eval()'d code on line 1
Posted 1 month ago #
I had deleted everything from the server and also the database. When I reinstalled all files and recreated a database it seemed to work fine again.
However a couple of hours later and in was displaying the Fatal error message again.
Whats the deal?
Hi,
It seems it is either due to the plugins or older version of wordpress. Please disable all the plugins and upgrade your wordpress to the latest version.
Thanks,
Shane G.
Posted 1 month ago #
Hi,
I have the same problem-very annoying.I get this message:
Fatal error: Cannot redeclare ub6() (previously declared in /home/farbhof1/public_html/blog/wp-config.php(1) : eval()'d code:1) in /home/farbhof1/public_html/blog/wp-settings.php(1) : eval()'d code on line 1
I have the latest version of wp.Everyday I reinstall my blog only to find it has been replaced by this message the next morning.HELP!!
Posted 1 month ago #
Thanks Shane. I have done as you suggested still with no luck.
Any other ideas?
Posted 1 month ago #
Hi farbhof1
Can you give me a complete list of all the plugins you have installed. Maybe there is a common denominator (plugin) thats causing this problem.
Posted 1 month ago #
Ive now spent another 6 hours trying to troubleshoot my blog. I removed all files from the server, removed the database and then reinstalled wordpress and a new database.
I was all fine for about an hour an now I get another fatal error message. Check it out at http://mobc.org.au
Even your WordPress readme.html file has been hacked. Contact your web host and see:
http://codex.wordpress.org/FAQ_My_site_was_hacked
Do you have any relationship with maciejkuciara.com? I see script links on your readme.html to that hacked site.
Posted 1 month ago #
Have no idea who maciejkuciara.com is.
Is there anyone out there who has had the same problem as me and has completely fixed it???
Posted 1 month ago #
I'm having the same problem. My webhost installed a php.ini in my Wordpress root folder (which they said would prevent my .php files from being written to) and I tried placing my configphp file into my server root folder but it was still hacked. THis is after a full, fresh install with no plugins installed and a new database. Soooo yeah. Kind of irritating and making me question why im using Wordpress at this point if the code is soooo vulnerable.
Kind of irritating and making me question why im using Wordpress at this point if the code is soooo vulnerable.
and you assume this why? 2.8.4 is secure and is not being hacked
http://ottodestruct.com/blog/2009/hacked-wordpress-backdoors/
Posted 1 month ago #
samboll - I'm using the latest WP (8.4.5?) and its getting hacked. That's why I assume the vulnerabilities of the code. I upgrade with every new release and these hacks just started happening w/in the last 3 weeks. Thankfully the blog im trying to fix first is a (very) simple, 1 page resume and requires nothing complicated to remake. So killing off all the files and database is no big deal.
Also, I've run Malwarebytes, Avast and Kaspersky for keyloggers or anything else on my machine and they come up clean. I've changed my password many times to the most cryptic stuff I can come up with, on both my admin and FTP.
So, yeah, irritating.
Posted 1 month ago #
I've been dealing with this now for the last few days. I've had my WordPress site completely wiped clean and meticulously rebuilt it from scratch. 2 hours later, it's hacked again. Some direction on how to troubleshoot this would be very helpful. BTW, I don't have any pluggins installed.
Have you changed your FTP passwords?
Posted 1 month ago #
Yes. I've changed them all. Could it be in the actual wordpress database?
samboll - I'm using the latest WP (8.4.5?) and its getting hacked. That's why I assume the vulnerabilities of the code.
The code is not vulnerable. Your site is. Two different things.
The fact that this code is being added to all your files suggests two things: a) your webhosts are idiots and b) you're being hacked because some code is running on that server that's searching for all the files it can and inserting that code into them.
This sort of thing happens mostly on shared servers that don't have proper inter-user security working, so some other website on the server getting hacked can lead to every site on that server getting hacked.
Best advice: Leave that web host immediately.
Only sorta okay advice: Try to work with them to fix their servers. This may be difficult and time consuming.
Either way, WordPress is secure, but it can't control other means of entry which are not.
Posted 1 month ago #
XtraFancy, yep, it could be in the DB. I've read many accounts of people finding 'bad code' in their DB files that are tied to this very problem. My DB was very small so I could remake it from scratch. My other blog will be a much bigger challenge. You may want to use Malwarebytes on your PC as well to check for keyloggers etc in case your new passwords are being copied that way.
Posted 1 month ago #
Otto42, could be. I use HostGator and though I'm generally happy with the service/support I can't really speak to their security measures. Who would you recommend as a "secure" webhost? Its very hard to tell who's security is strongest from one host to another.
For shared servers, I like to ask the host if they use "suPHP".
This is a version of PHP that makes scripts run in the context of their owner, so that somebody hacking a website doesn't get the permissions of the "apache" user (which generally can access all websites on the server), but only gets the permissions of the website they hacked instead (which generally can only access that users website). This strikes me as a more secure solution for shared systems, and hosts who use it tend to be more on the ball.
Other hosts don't do shared systems at all in that way, and use virtualization instead. This is way more secure, but also more expensive.
Best way is to simply ask them what their security measures are. If they won't give details on how their servers are secured, then I'd look elsewhere. Many hosts will just blow you off and say "we're secure" but some will give details if pressed for it.
Posted 1 month ago #
So its been a week now have spent over 40 hours trying to fix this problem. Still haven't been able to fix the problem. I have followed all the instructions on all replies in this topic, have even done the same on another web server to no avail.
What do I do now. Im not the only one having these problems at present. Come on Wordpress guys give us something to work with and a little support. This is ridiculous. Ive been using WP from the start and have never had anything like this happen.
Is there something your not telling us??? As far as WP code being secure I think your mistaken...
Is there something your not telling us??? As far as WP code being secure I think your mistaken...
ridiculous! wordpress takes security very seriously.
neo721x: If your files keep getting changed even after you fixed them, then perhaps you should set their permissions so that they are read only.
You must log in to post.
