WordPress.org

Ready to get started?Download WordPress

Forums

All my blogs hacked! (6 posts)

  1. pureleaf
    Member
    Posted 6 years ago #

    I couldn't believe it when I saw all my four blogs show the 403 forbidden error pages last night.
    It started when a few days ago I had four strange new registrations on one of my blogs with mumbo jumbo names and email addresses. A day or two later my favicons were replaced with WebMart icons, but I changed them shortly after.
    Then last night all my blogs were gone. The files were still on the ftp space with some new ones like the besucher.txt file that when removed from the space started removing all files with it until I cancelled it.
    I called my host and they ran a fix and now they are doing a restore system to 24 hours back to restore the missing files from the fourth blog.
    But they can't tell me what happened and how I prevent that from happening again.
    I don't have the spam blocker that doesn't come with the open source wordpress software and I would like to have one too. I am relatively new to blogging and php.
    Thanks for any insights,
    Agnes

  2. 4k
    Member
    Posted 6 years ago #

    I don't know what you are currently running but definitely activate aksmit, download and install Bad Behaviour and read this Hardening Wordrpress

  3. pureleaf
    Member
    Posted 6 years ago #

    Thanks 4k, but what is aksmit?
    I hardly understand php, so reading about it makes my head spin.
    I am really upset and I don't know what to do if that happens again.

  4. mrmist
    Forum Janitor
    Posted 6 years ago #

    What version of WordPress are you running?

    You should upgrade older versions immediately, or you will just keep getting hacked.

    Akismet is a spam-stopping plugin. It will help you out to some extent, but not if the hacker is exploiting a security hole in an older release of the software.

  5. pureleaf
    Member
    Posted 6 years ago #

    I have the versions downloaded within a few last weeks on this site, so those must be newest?
    If not, then how to I upgrade them? Do I have to start over the blogs???

    I found Akismet but that wont prevent hacking, it just stops comment spam, which I don't even get, yet.

  6. mrmist
    Forum Janitor
    Posted 6 years ago #

    2.2.2 is the newest version. You may well have it and people could just be exploiting newer bugs or bugs elsewhere in your hosting environment, it's just always something to check on.

    You could try the bad behavior plugin also, it rejects connections from certain well-known evil IP addresses and proxies.

Topic Closed

This topic has been closed to new replies.

About this Topic