WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] Help me I've been hacked (11 posts)

  1. jthusgaard
    Member
    Posted 7 years ago #

    I need help badly, I've been hacked.....

    http://baby.gjesager.dk/wp-admin/
    http://baby.gjesager.dk/

    but not:
    http://baby.gjesager.dk/?cat=9
    http://baby.gjesager.dk/wp-login.php

    Is my data lost?
    What can i DO?
    How can i avoid this in the future?

    J;-)

  2. jthusgaard
    Member
    Posted 7 years ago #

    Found it out. All the index files were changed reloaded them.

  3. Brian Layman
    Member
    Posted 7 years ago #

    lol nice Arabic touch

    No, it does not appear that your data is lost.

    You are running WP 2.0 and have not updated to at least 2.0.3. If you are running anything less than 2.0.4, there are known security holes that allow attackers to do nasty stuff.

    I see that your site is backup and working. Either you replaced index.php, or my typing the full url some how miraculously got WP to restore those files. I'm guessing the former! lol.

    The best thing you can do to prevent any future problems is to:
    1. Make sure you are the only admin in your list of users.
    2. change your PW and your database PW too.
    3. Upgrade to 2.0.4
    Follow the instructions on this site or if you are somewhat techy try my "Upgrade your sites to the latest WordPress in 35 seconds." process.

  4. jthusgaard
    Member
    Posted 7 years ago #

    Hi

    I got a mail from my webhotel.
    The server have been hacked. And they will restore. That was the news of yesterday.

    The news of today is that my sites have been defaced again. It is not due to holes in WP but simply bad server security.

    As soon as all of my sites are ok again, and my webhotel has restored to the point that they seem fit. I'll update all my sites to 2.0.4.

    J;-)

  5. spencerp
    Member
    Posted 7 years ago #

    Well, I'd suggest getting a NEW webhotel, or whatever then. ;) If they have, that *bad* of a security system on their servers and such.. my as well go find another webhotel to stay at then LOL!

    spencerp

    Sorry.. just had too..hahaha.. =p

  6. Brian Layman
    Member
    Posted 7 years ago #

    Welllll, given the superb quality of online translators, a "host" certainly could translate to "hotel". Calling a shared web host a web hotel actually makes some sense! You could certainly hear of a marketer picking up on that.

    I simply love the fact that little old me is able to talk to people on the other side of the planet every single day. Little things like this make me smile.

    Anyway, I agree with SpencerP. If someone on their servers can get at other accounts, it indicates they never got the basics right in their security setup or they aren't up to date in their stuff. This "Isl4mic W4rrior" character is not the most sophisticated person a security professional is going to face. You should consider moving to a new host.

    Hope it works out for you J.

  7. Brian Layman
    Member
    Posted 7 years ago #

    >web hotel
    Yeah, this term is gaining popularity. Just google "web hotel" +server and you'll get loads of links. In fact, someone else used it here the other day and I totally misunderstood what they meant...

    OK, this was off topic, but I wanted to clarify that the term is commonly used so that people know what it means when they come across it here in the support forum.

    I'm out.

  8. vaasus
    Member
    Posted 7 years ago #

    Hi You All

    I'm an occasional blogger with no knowledge whatsoever about wordpress.

    I haven't done any blogging in a while. Found some time today to blog and alas ! some one has hacked my site ;(

    All I saw was the Italian Soccer team with the cup. Was able to delete the image.. thats about all..

    Can someone help me to recover my blog..

    Thank You

  9. vkaryl
    Member
    Posted 7 years ago #

    If you don't have a recent database of your own, check asap with your web host to see if they have one.

  10. vaasus
    Member
    Posted 7 years ago #

    Hi vkaryl

    looks like I was able to fix the problem. This is what I did & I hope it will help permanently !

    @
    http://vassan.kollidam.com/wp-admin/edit.php

    I found the corrupted index file that showed all the junk.

    Deleted the junk. Opened my WordPress 1.5 file, did a cut & paste of the index file to

    http://vassan.kollidam.com/wp-admin/templates.php

    and my blog is back !

    This rather wacky encounter has given me the courage to go ahead and change to version 2 + soon.

    I use 1and1.com & I did create a database as per your advice.

    I do one question though

    Under MANAGE http://vassan.kollidam.com/wp-admin/edit.php
    in the admin panel there ia a blank file namely
    " my-hacks.php (legacy hacks support)"

    ==> http://vassan.kollidam.com/wp-admin/templates.php?file=my-hacks.php

    Is this a valid file and if it is not should and how could I get rid of it...?

    Thank You Very Much

  11. jthusgaard
    Member
    Posted 7 years ago #

    My webhotel beefed up security.

    It turned out that it was only one of the servers that had a security problem. This one server was unfortunatly mine.

    I have beefed up security to with more secure passwords for all users. I take a monthly backup of the files and a weekly backup of the databases.

    All of the site that I host are related to family and friends. They are all using wordpress:

    http://gjesager.dk
    http://tanja.gjesager.dk (just started up)
    http://baby.gjesager.dk
    http://thusgaard.eu aka http://jesper.thusgaard.com
    http://foghsorensen.beotl.web.surftown.dk/

    J;-)

Topic Closed

This topic has been closed to new replies.

About this Topic