WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] Blog Hijacked? Cracked? Why are the admin font, layout and content abnormal? (11 posts)

  1. imagiscapeca
    Member
    Posted 7 years ago #

    The font and layout and content changed from the standard wordpress style to a minimal page in the following format:

    http://www.imagiscape.ca
    Username:
    Password:
    Remember me
    Register
    Lost your password?
    Back to imagiscape.ca

    HAVE I BEEN HACKED? ARE MY MEMBER LISTS AND NEW REGISTRANTS BEING ABUSED BY A HACKER? HOW CAN I RETURN TO THE STANDARD?

    (I'm not talking about the theme the visitor sees - I'm talking about the style seen on the admin side of the website.)

    Thank you,
    Jonathon

    I think I'm using 2.12 - I can't see which version I'm using because the admin section of my blog is, as noted above, not displaying properly.

  2. imagiscapeca
    Member
    Posted 7 years ago #

    Confirmed: My version is 2.12
    ((Read only if you want to know how I know this:
    I found in WordPress's blog the note that 2.11 was "dangerous" - and I know that I had never upgraded to 2.11, and I upgraded to 2.12 the same day that the 2.11 flaw was announced.))

  3. Rok
    Member
    Posted 7 years ago #

    The current version is WordPress 2.1.3 (security release).

  4. I can't see your site from here (it's blocked by security filters), but what you're describing sounds like the WP logon box, perhaps with the background image missing.

    Does it change when you enter your user name and password?

  5. Samuel Wood (Otto)
    Tech Ninja
    Posted 7 years ago #

    Your admin page is here: http://imagiscape.ca/blog/wp-admin/

    And your actual problem seems to be that somebody added a space after "http://imagiscape.ca/blog " on the Options->General page. This mucks up the link to the CSS, so you are seeing it unstyled. Or something to that effect anyway.

    You may need to edit the database to correct the siteurl parameter.

  6. imagiscapeca
    Member
    Posted 7 years ago #

    When I log in it still has the abnormal formatting and layout.
    (Correction to my original post: the content has not changed.)

    Otto42 is half-right - an extra space "blog " / blog%20 now appears
    (http://imagiscape.ca/blog%20/wp-login.php?action=logout)

    BUT the offending extra space is not in the options settings
    (http://imagiscape.ca/blog/wp-admin/options-general.php)
    WordPress address (URL): http://www.imagiscape.ca/blog
    Blog address (URL): http://www.imagiscape.ca/blog
    Neither of these entries have the offending extra space ("www.imagiscape.ca/blog ").

    If it's not here, where oh where can it be?

  7. Samuel Wood (Otto)
    Tech Ninja
    Posted 7 years ago #

    I'm sorry, but you're wrong. That text comes from the siteurl parameter, which is same thing as the "WordPress address (URL):" that you see on that screen. Whether the space shows on the screen or not, it's still there. So save the Options->General page without the space and see if that fixes things.

    Also, those entries should have "http" and everything else in them too. If they really only have "www.whatever" then I'm amazed the thing works at all.

    Failing all else, replace all the files in wp-admin with unaltered versions from the WordPress ZIP file (redownload a fresh copy if you need to). May as well upgrade to WordPress 2.1.3 while you're at it.

  8. imagiscapeca
    Member
    Posted 7 years ago #

    I had thought I could not access my admin section to verify that my version is 2.13
    ... because ...
    when I logged in, I guess I did a typo on my first attempt at the password, and
    when it prompted me to retry, it added extra spaces after my username, so despite then entering the password correctly, I was told I had the wrong username or password! So I really thought someone had hacked my blog. Perhaps this should be a separate post - I will post it separately, but it's here to explain why I could not get beyond the opening login page.

  9. imagiscapeca
    Member
    Posted 7 years ago #

    Otto wrote

    Whether the space shows on the screen or not, it's still there.

    When I press backspace from the end of the line, it deletes the "g" of blog, not a space, therefore there is no space.

    Otto's 2nd point is correct. I apologize Otto - I wrote that my blog was set to:
    WordPress address (URL): http://www.imagiscape.ca/blog
    but it is set to
    WordPress address (URL): http://imagiscape.ca/blog

    So it's still a mystery:
    Where did the extra space come from?
    And since there is no extra space in the Options setting, where is the blog address being read from?
    Or is it the file calling for the blog address that has been corrupted and is adding an extra space?

    Anyway,
    I will try upgrading to 1.13 and see if that fixes it.
    I'll let you'all know.

    Thanks Otto and all for your help.

  10. Samuel Wood (Otto)
    Tech Ninja
    Posted 7 years ago #

    When I press backspace from the end of the line, it deletes the "g" of blog, not a space, therefore there is no space.

    While it's not showing on the screen or in the dialog, it may still be in the database. How it got there, I cannot guess, but try saving on that page anyway and see if that corrects it.

  11. imagiscapeca
    Member
    Posted 6 years ago #

    This did get fixed - sorry I didn't post this when it did. I don't think I ever learned what caused the problem. I think it was 'solved' when I upgraded from 2.12 to 2.13.

    A BIG PROBLEM WAS THIS:

    What really threw me was this: Not only was the login display abnormal, it seemed that my username and password were not recognized.
    ... because ...
    I guess I did a typo on my first attempt at the password, and
    when it prompted me to retry, it added extra spaces after my username, so despite then entering the password correctly, I was told I had the wrong username or password! So I really thought someone had hacked my blog.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags