WordPress.org

Ready to get started?Download WordPress

Forums

Hacked via Contact Form 8 (5 posts)

  1. paulaeisenberg
    Member
    Posted 4 years ago #

    I recently moved my news site to hostgator.com. So far, so good, until today. I went to the site, and below the visible footer area on the front page were row upon row of porn sites, clickable. I looked at the source code, and it said something about a jquery and Contact Form 8. I quickly disabled the plugin, and then dumped the browser cache and didn't see the hacked text anymore. This was in Chrome, by the way. I didn't see the problem in Firefox or Safari, oddly enough.

    Hostgator found rogue code in footer.php of my theme, Atahualpa 3.4.4,
    base64_decode and a long string of code. I'm afraid to post it here in case it's still virulent. Anyway, the plugin is still deactivated. I do need a contact form for the site, but now I'm afraid to use one.

    Any ideas? I'm running Bad Behavior, Akismet, Limit Login Attempts and regularly do a scan using WP Security Scan.

  2. Micah Cooksey

    Posted 4 years ago #

    You could always just use Cforms or something. There are a number of good ones out there. Just search for "contact form" in the Plugins Repository.

  3. jonradio
    Member
    Posted 4 years ago #

    I too use cformII but find it less confusing to go directly to http://www.deliciousdays.com/cforms-plugin as the cforms folks have decided not to maintain their Plugins Repository entry. (Long story, I'm told)

  4. TransPersonal
    Member
    Posted 4 years ago #

    If you were hacked via contact form 8 then try a contact form more focused on security than flashiness:

    http://wordpress.org/extend/plugins/si-contact-form/

    Also install this firewall plugin which is known to stop many common hacker tactics including sql injections:

    http://wordpress.org/extend/plugins/wordpress-firewall/

    Some other things worth considering:

    Using phpmyadmin change your database table prefixes to something other than the default wp_

  5. Micah Cooksey

    Posted 4 years ago #

    There's also this article about how to keep from getting hacked.

Topic Closed

This topic has been closed to new replies.

About this Topic