WordPress.org

Ready to get started?Download WordPress

Forums

Many wordpress sites hacked (7 posts)

  1. nikola123
    Member
    Posted 2 years ago #

    I have big network of wordpress sites (over 100) on different hosting companies and servers (shared, vps, dedi)...

    All sites are always on latest WP version and all plugins are updated.

    In last one month many of sites are hacked.

    Every day I find few new sites that are hacked.

    I know about timthumb exploit and I updated it on sites that have theme with timthumb, but most of them don't have it.

    Can anybody give some advice what to do in order to stop feature hacks ?

    It looks like WP has more holes then ever before.

  2. MrGamma
    Member
    Posted 2 years ago #

    That's interesting.

    Do you have enemies that would know where all your websites are?

    I am asking because I can't figure out if you really are being randomly hacked (which seems really odd) across all your websites, or if someone is just taking advantage of the fact that they know your vulnerabilities.

  3. nikola123
    Member
    Posted 2 years ago #

    No, not all sites are hacked but many...every day I find other few hacked...
    Not all sites are on the same hosting, not all use the same adsense...
    and there isn't any way to find that all sites belong to one person...

    I use Mac, so there are no viruses that can get in and see my FTP login...

    I just think that sites are hacked randomly

  4. MrGamma
    Member
    Posted 2 years ago #

    They have a section called hardening wordpress.

    http://codex.wordpress.org/Hardening_WordPress

    I am not sure they mention it, but whitelisting your ip address to the admin area might be an option too, if you primarily connect through the same internet connection each time for editing and such.

    [EDIT]

    They have a "Security through obscurity" section too... LOL!

  5. nikola123
    Member
    Posted 2 years ago #

    I'm sure they didn't hack it via admin panel but using some other hole...
    I have login lock down and very strong passwords..so it's not easy to get in via wp-admin login.

  6. Shane Gowland
    Member
    Posted 2 years ago #

    There is a possibility your credentials have been compromised. You may need to change your passwords on all your sites and FTP, because if you (like many) use the same password across many sites, once they guess one they have them all.

    It is also possible that your computer is infected with something nasty. Don't even bother with the "I use Mac, so there are no viruses that can get in and see my FTP login.." argument. Trust me, there are plenty of ways to steal information from a Mac and an equally large number of viruses that target Mac specifically. Your security naivety regarding your Mac is probably reflected elsewhere in your blogging setup, so it is no surprise to me that you are getting targeting.

    I apologise if I sound arrogant here, but 99% of hacking instances are the fault of the administrator. As I said, change all your passwords and read some articles on WP hardening.

  7. TheWebAtom has it right.

    WordPress has no known holes at this time (it may, but we've not yet found 'em). The most common point of access is poor user security habits.

    Change your passwords, clean up your sites, change passwords AGAIN, make sure you ONLY use SSH/STP on secure sites (never Starbucks). Tell your webhosts ASAFP. Change DB passwords too. Everything. Run a scan of your computer for anything weird.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags