WordPress.org

Ready to get started?Download WordPress

Forums

Can't access my dashboard (9 posts)

  1. adityaujjual
    Member
    Posted 3 years ago #

    From the last two days, I am not able to access the dashboard of my self hosted wordpress.org blog.

    Whenever I login to the dashboard with my user details, the page gets blank.

    When I just open my blog's link (http://www.ityaadi.org), it is showing the following error message at the top:

    Warning: Cannot modify header information - headers already sent by (output started at /home/ityaadi/public_html/index.php:1) in /home/ityaadi/public_html/wp-content/plugins/spammer-blocker/spammer-blocker.php on line 137

    Can someone explain what this error message is and how to rectify it.

  2. esmi
    Forum Moderator
    Posted 3 years ago #

  3. lonniea
    Member
    Posted 3 years ago #

    reset your plugin folder

  4. esmi
    Forum Moderator
    Posted 3 years ago #

    What!?

  5. ClaytonJames
    Member
    Posted 3 years ago #

    You may have more serious issues. Your site is loading a script that links to a file at "howdenskitchens.org/adv.php" which contains and active exploit. That domain links to the same exploit file on another compromised domain, and so-on.

    It's an "Exploit Blackhole" Exploit kit. You can read about the threat on Google. Here is a short synopsis from Symantec.

    Bottom line, you have probably been hacked, and there is probably a script - or an iframe - in your file(s) that contains a link to the exploit.

    Your version of wordpress is "WordPress 3.0.4".

    I'm off to hose down my hard drive... :-)

  6. adityaujjual
    Member
    Posted 3 years ago #

    @Esmi I worked your way and was able to remove the warning. I am not getting the warning about header when I open my blog ityaadi.org.

    But as @Clayton says, I may have more serious issues. My blog's dashboard is still unaccessible. When I tried to open it on Google Chrome today, it gave the following warning.

    ityaadi.org contains content from taste.zerofractal.biz, a site known to distribute malware. Your computer might catch a virus if you visit this site.

    I saw that there was this script with the link howdenskitchens.org/adv.php in my index.php file. When I opened this website, it was again showing the same message over there.

    So I removed it. And my blog stopped showing the error message.

    If it has been hacked, what do I do now.

    I am really concerned now. Please help.

  7. esmi
    Forum Moderator
    Posted 3 years ago #

  8. ssuryar
    Member
    Posted 2 years ago #

    Login to FTP & You will find the script as shown top of your INDEX.PHP (Main Directory not your theme directory)
    Please remove this code and you will find the same code again in your wp-admin/index.php. Please remove it and that's it. Save your files and login to your wordpress theme with old password and change the password once after you logged in. Cheers ! Surya R Praveen

  9. marie_a
    Member
    Posted 2 years ago #

    thank you so much ssuryar for posting this, my index.php had been hacked but the date didn't indicate that the file had been changed

Topic Closed

This topic has been closed to new replies.

About this Topic