WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] Base64 Attack (2 posts)

  1. danallenhouston
    Inactive
    Posted 1 year ago #

    A few years ago, I got hit with a base64 attack, where code was injected into every php file on my wordpress site.

    I never got an explanation for how an attacker was able to alter my php files. It was not through ftp/ssh password/login, I was able to rule that out by looking at login logs.

    So how could anyone get to my php files?

    How can I make sure it never happens again?

    Why did this only affect my WordPress sites, not my other php sites?

    As always, any information or assistance will be extremely much appreciated.

  2. esmi
    Forum Moderator
    Posted 1 year ago #

    So how could anyone get to my php files?

    If the server was compromised, then the hacker will have had access to pretty much every file on every site on the server.

    How can I make sure it never happens again?

    Chose a good host that "sandboxes" sites so that access via one insecure site does not threaten others on the same server. And only download theme & plugins from reputable sources - like wordpress.org. I'd also recommend reviewing Hardening_WordPress.

    Why did this only affect my WordPress sites, not my other php sites?

    Hackers use scripts to target file structures that they are familiar with, so sometimes, only WordPress, or Joomla etc sites are effected. In other cases, all .php sites are hit using a common file like index.php.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags