Forums

WordPress › Support » How-To and Troubleshooting

My site was hacked and host says Hello Dolly was Hacked (3 posts)

  1. uberschizo
    Member
    Posted 8 months ago #

    My website, running on WP3.2.1 and fully updated was recently hacked, when I contacted the hosts, they sent me an email that said

    Hacker IP "182.177.220.194"
    They had used a POST command on the WordPress plug-in "Hello Dolly" in order to upload the new index.php file.

    I've never heard of Hello Dolly being hacked, and wanted to know if this was them being honest or making excuses.

    I can request more information, and would also love to know how I can prevent this in future. (disabling Hello Dolly is extreme, dont you thinks ;) )

    thank you

    Schizo

  2. zoonini
    help me help you
    Posted 8 months ago #

    Here's how to report security issues with WordPress or WP-authored plug-ins: http://codex.wordpress.org/FAQ_Security#Where_do_I_report_security_issues.3F

    Are you actually running Hello Dolly to display quotes on your site? If you're not, simply delete it.

  3. Sergey Biryukov
    Live and Learn
    Posted 5 months ago #

    I've never heard of Hello Dolly being hacked, and wanted to know if this was them being honest or making excuses.

    That email sounds like a made excuse to me. Hello Dolly has no HTML forms or settings screens, therefore it doesn't accept any POST or GET requests and certainly doesn't have anything to do with uploading files.

Reply

You must log in to post.

About this Topic

Tags