Forums

WordPress › Support » How-To and Troubleshooting

Hackers editing files? (4 posts)

  1. igneous
    Member
    Posted 2 years ago #

    Ive been having some issues with hackers for the past couple weeks. I had mistakenly left a lot of files with 777 file permissoins, so I assume thats how they did it? They kept putting in links and scripts into them files and index.php. I changed my FTP password, but left a few things at 777 by mistake again and it happened again. Is there any way other than changing permissions and the FTP login details for them to get in?

  2. doodlebee
    Member
    Posted 2 years ago #

    Well, yeah. If you left your files at 777, then most likely they went right for the wp-config.php files and now have access to your database. If you haven't changed your WordPress password (as well as the password, and probably the username too - for the database) then they can just get in over and over again.

    All of your files should be set at 644 or 666, all folders should be 755. At this point you should take care of that, and then go into your hosting control panel (or whatever you use) and set a new database user and password. You'd have to reflect those changes in your wp-config.php file so your WordPress can have the new connection settings. You might also want to contact your host before you do anything and let them know - because if they *did* get into your database, it's possible they could compromise the entire server. You should let the host know what's going on, and let them see the activity the hacker has been doing so they can take appropriate action to prevent further loss (if any has occurred). They'll also help you figure out how to secure your own site so you don't get hacked again.

    You also might read this.

  3. igneous
    Member
    Posted 2 years ago #

    The config file was never 777 as far as I know. I changed the permissions back on friday, and it happened again this morning. They are somehow getting into files with 644 permissions like index.php default_filters.php and more and putting in an iframe code. Im changing ftp passwords, I dont know what else it could be

  4. doodlebee
    Member
    Posted 2 years ago #

    Did you contact your host about this? If your file permissions are correct, and you've gone as far as changing your database password (and possibly the name) then I'd say someone else on the server has a back door left open, and the hacker is gaining access through some other site - possibly wreaking havoc on the entire server. The hoist should be made aware of this so they can track it down and fix it.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.