WordPress.org

Ready to get started?Download WordPress

Forums

I was HACKED! (7 posts)

  1. qforquack
    Member
    Posted 6 years ago #

    Hello, my blog at http://www.girlonradio.com/ was hacked (and I have the latest release). I don't exactly have the simplest password, but I can't even get into my WP Admin at http://www.girlonradio.com/ anymore.

    What can I do?

  2. qforquack
    Member
    Posted 6 years ago #

    Sorry, the admin link is at http://www.girlonradio.com/wp-admin/.

  3. Roy
    Member
    Posted 6 years ago #

    You've been hacked alright, I never saw a spammed login screen!

    Warning: Cannot modify header information - headers already sent by (output started at /home/radio/public_html/wp-content/themes/oh-so-very/functions.php:15) in /home/radio/public_html/wp-includes/pluggable.php on line 694

    It looks like there has been some meddling on the functional files (pluggable.php).

    I guess you want to use FTP to install a freshly downloaded WP 2.5.1 to all files are back to what they are supposed to be. My guess (hope) is that you'll be able to login again. Then you'll want to change ALL your passwords (not just the WP password) and perhaps delete the theme (which might have edited files as well). I suppose this pretty much also makes you unable to find out how you were hacked, but that'll be the least of your problems now. As soon as you're up and running, look a little bit into the subject of "Hardening WordPress".

  4. qforquack
    Member
    Posted 6 years ago #

    I just found out that it was my THEME that was mangled with, it's that Oh So Very one.

  5. Roy
    Member
    Posted 6 years ago #

    That doesn't explain the spam on your login screen though!
    Anyway, it won't hurt to upload a fresh pack of WP and of course delete the entire theme from your server and upload a fresh one too.

  6. cent
    Member
    Posted 6 years ago #

    The warning message above just indicates that PHP errors are displayed. If you turn off php error messages and let the header redirect happen which it cant since the header is already sent, you can see where its suppose to go.

  7. Samuel Wood (Otto)
    Tech Ninja
    Posted 6 years ago #

    That doesn't explain the spam on your login screen though!

    Yes, it does. The theme's functions.php file was what got messed with. The functions.php file always loads. Always.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.