"Hardening" How-To Questions (2 posts)

  1. atelierbeads
    Member
    Posted 4 years ago #

    I had a site hacked this week with what I'll call "link spam." They co-opted some file or other (never have discovered which one) and set up so that anyone searching for the blog would be directed to their illegal pharmaceutical site. My first step was to read the "Hardening WordPress" article from end to end. I next took backups, changed all the passwords, searched the database for suspect phrases (none were found). Once I had copies of the individual data (photos, etc.) I simply deleted the WordPress files and upgraded the site to the latest 2.9. (It was a 2.8.6 site that was compromised). In doing this, I found a rat's nest of garbage in an upload directory for 2008, carefully hidden in a hidden directory called "cache." I simply renamed it and killed all that stuff as well. I downloaded all fresh plug-ins. The result is that the blog is clean this morning, and the bogus links are gone.

    I'm determined to implement as many as possible of the suggestions in "Hardening WordPress," but I'm having some problems:

    1) I'm not an avid fan of "ask Apache," so I simply added an .htaccess/.htpasswd setup for the wp-admin directory. This was a success. Is it adequate?

    2) I also went through and ensured that every file and directory has been set to the suggested permissions. Not difficult.

    3) Moving "wp-config" to one directory up: This appeared to work, but I found that it had impacted the links. Stories remained on the main page, but you could not click on one to read the whole thing, nor could you comment. "File not found" was the error. Can this be corrected?

    4) Changing the name of the "uploads" directory. I seriously want to do this, but photographs and media in old posts go missing. Is there a way to fix them? How?

    5) Changing the prefix for the database tables to something other than "wp." This isn't difficult to do, physically. But what are the implications for the blog's content? Does anything else need changing?

    This is an "inherited" blog with a custom theme. It's also quite popular, and its owner is not especially technical. So now that I have it, I need to take care of it. I'll sincerely appreciate any suggestions or links to reading about how to make the above changes.

    Thanks!
    Anne

  2. See these links, too: FAQ: My site was hacked « WordPress Codex and how-to-completely-clean-your-hacked-wordpress-installation

    Changing the WP table prefix will help against bots, but not against even a casual script kiddie. If you're going to change "uploads" or the location of wp-config, you need to change all URLs in posts and pages either in the database with phpMyAdmin or with something like Search RegEx.
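
An added example, not part of either post: a defender's audit of an uploads tree for the kind of hidden directory the first post found under the 2008 uploads. The extension list, the function names and the sample tree (including the directory name `.cache`) are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumed list of extensions a web server might execute; uploads should hold only media.
SCRIPT_EXTS = {".php", ".phtml", ".php5", ".phar", ".cgi", ".pl"}

def audit_uploads(root):
    """Return sorted (kind, relative_path) findings for an uploads tree."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)

        def rel(name):
            # Path relative to root, with forward slashes on every platform.
            return os.path.normpath(os.path.join(rel_dir, name)).replace(os.sep, "/")

        for d in dirnames:
            if d.startswith("."):
                findings.append(("hidden-dir", rel(d)))
        for f in filenames:
            # Check every dotted component so "photo.php.jpg" is also caught.
            suffixes = {"." + part.lower() for part in f.split(".")[1:]}
            if suffixes & SCRIPT_EXTS:
                findings.append(("script", rel(f)))
            elif f.startswith("."):
                findings.append(("hidden-file", rel(f)))
    return sorted(findings)

def build_sample(base):
    """Constructed sample tree: legitimate media plus files that should be flagged."""
    for path in ("2008/05/beads.jpg", "2008/.cache/index.php",
                 "2008/.cache/links.txt", "2009/12/photo.php.jpg",
                 "2009/.htaccess"):
        full = os.path.join(base, *path.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w") as fh:
            fh.write("sample\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for kind, path in audit_uploads(tmp):
            print(f"{kind:12} {path}")
```

A finding is a prompt for manual review, not proof of compromise: some plugins legitimately place an `.htaccess` file under uploads.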