WordPress.org

Ready to get started?Download WordPress

Forums

I've Been Hacked!!! (7 posts)

  1. robertshea
    Member
    Posted 8 years ago #

    Recently my entire network crashed, after manually rebooting the servers and network hardware and configuring everything, I logged onto my wordpress account to discover this message...

    "You Are HACKED BY ALEKS"

    I took a look around my webserver and discovered that the index.php file in my theme folder had been changed to reflect this message.

    How secure can WordPress be if it allows this kind of stuff?? My password is alphanumeric 20+ characters, I doubt a person took the time to hack my password, there must be a backdoor they used!!

  2. FurrTrap
    Member
    Posted 8 years ago #

    Does make me wonder about file permissions... did they hack into your hosting account? Server logs should help.

  3. What version of WordPress? Only 1.5.2 and v2.x are secure.

    If you were running either of those, then the hackers got in through another script.

  4. buggs
    Member
    Posted 8 years ago #

    I had the same problem with a hack using 1.5.2. All they did was change the index.php with their own index.html. They did not have access to any other files on my server other than the blog folder. Not sure how they got in, but there is a hole somewhere. Might be a plug, but it was not comforting.

  5. Addict
    Member
    Posted 8 years ago #

    Interesting. What version are/were you running? Anything in the server logs?

    On a side note, I think you've got this in the wrong forum. Its not for reporting you've been hacked, but rather for WordPress hacks (enhancements)....

  6. robertshea
    Member
    Posted 8 years ago #

    i am using 1.5.2

  7. davidchait
    Member
    Posted 8 years ago #

    hate to say it but upgrade to 2.0.2, and double check the various plugins you are using to make sure they don't have security issues reported. that's the only really safe solution, given 1.5.x has been phased-out to thebest of my knowledge.

    I'm getting 'pushed' up to 2.0.2 myself, but it has some benefits...

    -d

Topic Closed

This topic has been closed to new replies.

About this Topic